Analyst reports
Market Overview: Database Security, 2011
Database Security is essential for all enterprises — read the Database Security Market Overview from Forrester Research, Inc.
Last updated: 13 Dec 2011
The Forrester Wave(TM): Database Auditing And Real-Time Protection, Q2 2011
IBM InfoSphere Guardium recognized as a leader with the highest rankings in market presence, strategy and current offering
Last updated: 01 Jun 2011
Why Communication Fails: Five Reasons the Business Doesn’t Get Security’s Message
One of the most serious problems facing security and risk management professionals is the inability to communicate effectively with the enterprise—resulting in security and risk management efforts that fail to meet the needs of the business.
Last updated: 04 Feb 2011
Look beyond database auditing to improve security, audit visibility and real time protection
Consulting study provides real-world findings on how to ensure comprehensive auditing, real-time monitoring and protection of critical database and enterprise applications
Last updated: 01 Jan 2011
Forrester Case Study: Securing SAP & Siebel Data with 239% ROI
A commissioned case study from Forrester Consulting shows a risk-adjusted ROI of 239% and a payback period of 5.9 months. The customer is a F500 manufacturer of consumer food and beverage products whose brands are household names around the world.
Last updated: 10 Aug 2010
ESG Report: Databases at Risk
ESG analyzed the current state of database security and categorizes databases as a “dangerous and growing security gap”
Last updated: 01 Aug 2010
Gartner research - Ten database activities enterprises need to monitor
This Gartner RAS Core Research Note compiles the 10 critical database activities and behaviors that enterprises should be auditing now.
Last updated: 30 Apr 2010
Books
Protecting Against Database Attacks and Insider Threats
This eBook examines the top 5 scenarios and the essential best practices for preventing database attacks and insider threats. Organizations who adopt a proactive approach will require a comprehensive database security solution that can help them reduce compliance complexity
Last updated: 29 Dec 2011
Case studies
Numius creates a business analytics platform for customers ... Based on smarter computing from IBM
Working with IBM® and IBM Premier Business Partner I.R.I.S. ICT, Numius created a flexible, cost-effective analytics package – Numius Platform Services (NPS). NPS provides added-value on specific problems as part of a straightforward, general solution based on IBM hardware.
Last updated: 08 Dec 2011
Data Privacy in Telecommunications
Case Study: Implementing Database Activity Monitoring for a Major International Telecommunications Company
Last updated: 31 Jan 2011
Data Security and Compliance in Healthcare
Case Study: Implementing database activity monitoring and auditing in a leading healthcare payer organization
Last updated: 31 Jan 2011
Data sheets
IBM InfoSphere Guardium
Managing the Entire Database Security and Compliance Lifecycle
Last updated: 06 Sep 2011
IBM InfoSphere Guardium Encryption Expert - Protect sensitive data against theft, misuse and exposure
IBM® InfoSphere™ Guardium® Encryption Expert is designed to help organizations safeguard data in both online and offline environments.
Last updated: 19 Jan 2011
Magazines
A Proactive, Preventative Approach to Compliance and Security
Lower risk through a proactive approach to compliance and security. http://www.ibmsystemsmag.com, Sept. 2011.
Last updated: 09 Sep 2011
Guardium 7 – database security review, by David Mitchell, IT PRO
The Verdict: 5 Stars With database attacks on the increase Guardium can make sure businesses don’t get caught with their pants down.
Last updated: 25 Feb 2009
Network Security Against Today's Threats - Guardium 7 Product Review, by Samara Lynn, CRN ChannelWeb
Guardium’s database security may contain the most powerful compliance regulations tools that the Test Center has ever seen.
Last updated: 09 Jan 2009
Podcasts
Securing critical enterprise data in cloud and virtualized environments
Whether it’s a physical data center, a virtualized data center, or a private cloud, the fundamental information security principles don’t change, but control considerations do. In this podcast, you will learn 10 best practices necessary to safeguard sensitive data and ensure compliance.
Last updated: 29 Dec 2011
Databases Under Attack
If your databases containing sensitive data were breached by hackers with compromised credentials—would you know? And could you prove it to your auditors? IBM InfoSphere Guardium discusses best practices that provide a holistic approach to safeguarding databases and achieving compliance.
Last updated: 19 Dec 2011
Automation of sensitive data identification and redaction
Protecting sensitive information is a hot topic, especially with so many high profile data breaches, like the recent attacks at Sony, Lockheed Martin and RSA. Organizations, large and small, are looking to protect sensitive data in documents, forms and images.
Last updated: 31 Aug 2011
Free Your Documents
As information volumes expand and organizations find new ways to collaborate with partners and customers, the question arises: How secure is your sensitive information? In this podcast, we will discuss why access control and encryption are not enough! Learn about how redaction can facilitate secure document sharing.
Last updated: 31 Aug 2011
Product documentation
IBM InfoSphere Guardium S-TAP for DB2 on z/OS
Version 8 Release 1 User's Guide SC27-3638-01
Last updated: 09 Sep 2011
InfoSphere Guardium S-TAP for IMS on z/OS
Version 8 Release 2 User's Guide SC19-3344-00
Last updated: 09 Sep 2011
InfoSphere Guardium S-TAP for VSAM on z/OS
Version 8 Release 2 User's Guide SC19-3346-00
Last updated: 09 Sep 2011
InfoSphere Guardium Data Encryption for DB2 and IMS Databases
Version 1 Release 2 User's Guide SC19-3219-00
Last updated: 25 Feb 2011
Solution sheets
InfoSphere Guardium Encryption Expert helps secure SAP data
Encrypt SAP data to help protect your SAP environment and address compliance requirements
Last updated: 20 Sep 2011
Videos
Best Practices for Database Security, Information Governance & Compliance
Learn about best practices for protecting against SQL injection attacks; unauthorized access by both privileged users and outsourced DBAs; database vulnerabilities; and changes to security configurations.
Last updated: 09 Aug 2011
Cisco Videocast: Network Survival Guide for Compliance
Hear Guardium CTO Ron Ben-Natan interviewed on Cisco's Techwise TV segment "Network Survival Guide for Compliance." Includes a live demo of the Guardium solution.
Last updated: 05 Oct 2010
Webcasts
Streamlining Access to Test Data for Testers and Developers
Download this complimentary webcast to learn more about challenges in test data management, streamlining test data delivery and establishing a collaborative test data management process, all while reducing test time.
Last updated: 08 Feb 2012
Addressing PCI for Databases: Beyond Encryption and Log Management
PCI databases handle millions of transactions per day—making it impractical to implement native database logging and auditing. PCI Reqt. 10 (Track & monitor access to cardholder data) is considered to be the most challenging requirement. In this webinar.
Last updated: 21 Dec 2011
IBM X-Force 2011 Mid-Year Trend Report: Analyzing the Latest Cyber-Threats
This webcast focuses on the security landscape and the latest results from the IBM X-Force 2011 Mid-year Trend and Risk Report, an in-depth analysis of more than 54,000 vulnerabilities and 12 billion daily intrusion attempts.
Last updated: 14 Dec 2011
Reconciling Openness with Privacy: How Automated Data Redaction supports Data Privacy within IBM ECM
Learn how automated data redaction can help your company comply with privacy initiatives.
Last updated: 11 Oct 2011
Cybercrime Insights: 2011 Data Breach Investigations Report from Verizon Business & the U.S. Secret Service
The Data Breach Investigation Report series spans seven years and more than 1,700 breaches involving more than 900 million compromised records, making it the most comprehensive study of its kind.
Last updated: 30 Sep 2011
Compliance Best Practices for Oracle EBS, PeopleSoft & SAP
Auditors often focus on Oracle EBS, PeopleSoft, SAP and other enterprise applications because they contain sensitive data for SOX, PCI, HIPAA/HITECH, FISMA2 and other regulations.
Last updated: 30 Aug 2011
Compliance best practices for Oracle E-Business Suite, PeopleSoft and SAP
Auditors often focus on Oracle EBS, PeopleSoft, SAP and other enterprise applications because they contain sensitive data for SOX, PCI, HIPAA/HITECH, FISMA2 and other regulations.Watch this Webcast to learn how to pass audits faster and with less effort
Last updated: 30 Aug 2011
Strategies for securing enterprise data
Data breaches, privacy violations and increasing regulatory requirements are frequent challenges forcing today’s organizations to recognize the need to take a more strategic approach to information governance and data privacy. Securing and protecting data
Last updated: 15 Aug 2011
Preventing Database Breaches: Insights from Independent Research on Database Auditing and Real-time Protection
Preventing database breaches and unauthorized access to sensitive data by hackers, outsourced personnel and privileged users, such as DBAs, has become vital for organizations. Watch and learn why database auditing and real-time protection is a critical component in building a successful data security strategy.
Last updated: 20 Jul 2011
From Stuxnet to SQL Injection: HOWTO Safeguard Against the Latest Cyber-Threats
Learn about the security landscape and get the latest results from the newly-released “IBM X-Force 2010 Trend and Risk Report" in this On Demand Webcast.
Last updated: 20 Jun 2011
Top Scenarios for Real-Time Database Security & Monitoring
Insider threats, high-profile data breaches, regulatory compliance demands -- learn how Guardium can help.
Last updated: 24 Mar 2011
HOW TO Secure Oracle 10g and 11g: Hardening the Database
Learn how to eliminate security risks by removing features you don’t need and securely configuring databases using industry best practices and benchmarks.
Last updated: 01 Mar 2011
HOWTO Assess Your Database Vulnerabilities and Protect Your Most Sensitive Data.
An InformationWeek & Dark Reading Webcast sponsored by IBM InfoSphere Guardium
Last updated: 18 Feb 2011
Look beyond database auditing to improve security, audit visibility and real time protection
Consulting study provides real-world findings on how to ensure comprehensive auditing, real-time monitoring and protection of critical database and enterprise applications
Last updated: 01 Jan 2011
InfoSphere Optim Solutions for Managing System Performance
Listen as we reveal the high cost issues associated with poor system performance and hoe to combat the problem by approaching these issues with Integrated Data Management.
Last updated: 26 Apr 2010
10 Database Activities You Need to Monitor to Prevent Data Breaches
Phil Neray, VP of Security Strategy for Guardium, an IBM Company shares real-world case studies of enterprises that have implemented IBM/Guardium’s scalable platform to secure sensitive data and reduce compliance costs, with a meaningful ROI
Last updated: 01 Apr 2010
Best Practices for Data Privacy and Protection
Find out how global organizations have implemented granular access controls and real-time monitoring to track all access to sensitive data—across all their DBMS platforms and
Last updated: 01 Apr 2010
Creating a Database Security Plan -- Why Database Security is No Longer Sufficient
View this on-demand webcast featuring Noel Yuhanna, Principal Analyst and database security expert at Forrester Research Inc to learn: Why AAA and basic security are no longer
Last updated: 01 Apr 2010
Cybercrime Insights from the 2010 Verizon Data Breach Investigations Report
View this on-demand webcast featuring Noel Yuhanna, Principal Analyst and database security expert at Forrester Research Inc to learn: **Why AAA and basic security are no longer sufficient **Why 60% of internal database threats go undetected and more...
Last updated: 01 Apr 2010
Data Discovery & Classification for Heterogeneous Database Environments
View this on-demand technical webcast about how to auto-discover and classify sensitive data in heterogeneous database environments such as Oracle, Microsoft SQL Server, IBM DB2 and Informix, Sybase, MySQL and Teradata
Last updated: 01 Apr 2010
Data Protection: How security needs differ between industries
In this podcast, Phil Neray, VP of Security Strategy for Guardium, an IBM Company, talks about how the data security needs of a financial services company differ from those of a power company – and where to find common ground.
Last updated: 01 Apr 2010
How Dell IT Simplified Database Security for SOX, PCI, SAS 70
Learn how to simplify database security and compliance ─ without impacting performance or creating more work for your DBAs and security teams
Last updated: 01 Apr 2010
HOWTO Secure Mainframe PII Data & Pass Compliance Audits Faster
Learn HOW TO:Capture a fine-grained audit trail of all user activities with minimal impact on performance. Offload audit data processing from the mainframe to separate, hardened appliances. Monitor all privileged user activities, including SELECTS,
Last updated: 01 Apr 2010
HOWTO Secure Oracle 10g and 11g: Understanding Account Security
During this session, you will learn HOWTO: Create users, profiles and policies ,Enforce complex passwords and check for weak ones ,Understand password lifetime parameters and more...
Last updated: 01 Apr 2010
HOWTO Secure Your SAP Data
During this session, you will learn how to: Protect SAP data environments from fraud, external or internal attack, privilege abuse and data leakage. Enforce change and access control policies for critical SAP tables, via real-time alerting
Last updated: 01 Apr 2010
The Hacker's Roadmap: HOWTO Safeguard Against Constantly Evolving Threats
In this comprehensive on-demand webcast, you will learn: Where are cybercriminals targeting their attacks? How are they bypassing existing security methods?
Last updated: 01 Apr 2010
Lessons from the report: 2009 Data Breach Investigations
View this 60-minute educational webcast to learn about the critical trends in data theft and proven strategies for increasing your company’s data-level security against modern cybercriminals.
Last updated: 01 Jan 2009
White papers
Protect enterprise data at rest with encryption, access controls and auditing
Data security threats and related incidents, such as breaches, can harm any organization. Private and confidential information is sought after for profit, business advantage, malicious use and both industrial and government espionage.
Last updated: 13 Dec 2011
Protect payment card data to help ensure compliance
Solution scenario: IBM InfoSphere Solutions for data security and privacy. Growing financial institution tackles PCI DSS compliance through a seven-step approach and IBM® InfoSphere® Solutions for data security and privacy.
Last updated: 13 Dec 2011
Implementing Database Security and Auditing: Chapter 4 - Authentication and Password Security
Learn best practices and techniques involving authentication and user account management, password strength and password profiles, as well as user account/password maintenance.
Last updated: 04 Nov 2011
HOWTO Secure and Audit Oracle 10g and 11g: Account Security
Download the Chapter “Account Security,” to learn best practices and techniques for securing your Oracle database environments.
Last updated: 09 Aug 2011
Data security and privacy: A holistic approach
IBM InfoSphere solutions for data security and privacy are designed to support this holistic approach, helping your organization protect itself against a complex threat landscape while remaining focused on your business goals.
Last updated: 09 May 2011
InfoSphere Guardium Encryption Expert - Meeting encryption and access control requirements for the Payment Card Industry Data Security Standard
IBM® InfoSphere™ Guardium® Encryption Expert is an essential tool for any company that must comply with the PCI DSS. InfoSphere Guardium Encryption Expert is a cost-effective and easy-to-manage solution for high-speed data encryption of data both online and offline.
Last updated: 01 Feb 2011
InfoSphere Guardium Data Redaction: Reconciling openness with privacy
Provide fine-grained protection for sensitive unstructured data to achieve regulatory compliance and reduce risk.
Last updated: 01 Jan 2011
Supporting HIPAA compliance with need-to-know access to sensitive medical information
This white paper walks through an example scenario of how a growing insurance company uses IBM® InfoSphere® Solutions for data security and privacy to help achieve HIPAA compliance.
Last updated: 01 Jan 2011
8 Steps to Holistic Database Security
8 best practices that provide a holistic approach to safeguarding databases and achieving compliance.
Last updated: 01 May 2010
HOWTO Secure and Audit Oracle 10g and 11g: Chapter 6 - Authentication
Ultimate guide for providing HOWTO information for security and audit best practices for Oracle--bridging the gap between those who install and configure security features and those who secure and audit them.
Last updated: 10 Mar 2009
HOWTO Secure and Audit Oracle 10g and 11g: Database Activity Monitoring
Learn how to protect against SQL injection, categorize and identify misuse and intrusions, understand the compliance landscape
Last updated: 10 Mar 2009
HOWTO Secure and Audit Oracle 10g and 11g: Fine-Grained Auditing
Read how fine-grained auditing can help track and provide a deeper level of control over what to audit beyond standard auditing.
Last updated: 10 Mar 2009
HOWTO Secure and Audit Oracle 10g and 11g: Hardening the Database
Learn how to choose a hardening guideline, use a vulnerability assessment tool, create and maintain a secure configuration baseline.
Last updated: 10 Mar 2009
HOWTO Secure and Audit Oracle 10g and 11g: Mandatory and Administrator Auditing
Read how to protect sensitive information by tightening controls and access, monitoring business operations, and locating suspicious activities.
Last updated: 10 Mar 2009
HOWTO Secure and Audit Oracle 10g and 11g: Standard Auditing
Read why database auditing is one of the most effective ways to combat wrongdoing and detect suspicious activity.
Last updated: 10 Mar 2009
Implementing Database Security and Auditing: Auditing Categories
Learn which audit logging trails you need to address key security and compliance requirements
Last updated: 01 Dec 2005
Implementing Database Security and Auditing: Getting Started
Learn about hack-proofing your databases, tracking security vulnerabilities, the anatomy of buffer overflow vulnerabilities, why database auditing is important.
Last updated: 01 Dec 2005