Databases have, by far, become the leading target of hackers and insiders with malicious intentions. According to Verizon's 2010 Data Breach Investigations Report, 92% of breached records originated in database servers. The fact that they contain organizations' most valuable data, such as customer records, financial information, employee PII and credit card data make them an attractive target.
Unfortunately database environments are notoriously difficult to secure, with numerous settings, platform dependencies and recommended software patches, which if inappropriately configured, can significantly affect their vulnerability. Furthermore these environments are extremely dynamic, with accounts and configurations constantly changing to accommodate business needs.
In this “10 Minutes On” webcast, Al Cooley, a Director in IBM's InfoSphere Guardium business, will discuss how automated database vulnerability assessment can be used to regularly test and harden your database infrastructure to prevent data breaches.
Attendees will learn:
- The challenges of securing databases from unauthorized access and changes.
- How database vulnerability assessment solutions can be used to harden database infrastructures by detecting configuration issues with security implications, and suggesting remediation actions.
- How on-going changes to the database environment which may affect your security posture can be automatically detected and prioritized.
- How workflow automation can ensure that all database vulnerabilities are promptly investigated and closed, helping secure sensitive data and providing the effective remediation process required by auditors.
Featured speaker: Al Cooley – Director, IBM InfoSphere Guardium
Al Cooley has broad software and security industry experience with start-ups like Guardium, as well as public companies like Tele Atlas. His articles and lectures on topics including database activity monitoring, industrial cyber security, HIDS and UTM technologies have appeared in a variety of media. Al holds a MBA from Michigan, a BS from WPI and has conducted advanced studies in Computer Engineering at BU.
About IBM InfoSphere Guardium
IBM InfoSphere Guardium provides the simplest, most robust solution for preventing database breaches and unauthorized changes to critical databases. Guardium's scalable platform simplifies information governance and compliance with unified policies for heterogeneous infrastructures. Capabilities include: real-time database activity monitoring (DAM); application-layer monitoring to identify fraud (SAP, PeopleSoft, etc.); vulnerability and configuration management; data discovery; blocking; and automated compliance reporting and oversight.
InfoSphere Guardium 8 provides the industry's broadest platform support including SharePoint monitoring; mainframe database vulnerability assessment and activity monitoring; enhanced SAP monitoring; cross-DBMS entitlement reporting; and managing database fire-IDs and automatically quarantining users who perform unauthorized or suspicious activities.