Data Privacy in Telecommunications

The organization wanted to:

• Monitor access to private customer data located in thousands of databases across a wide geographical area.

• Implement the solution for both Operational Support Systems (OSS) and Business Support Systems (BSS).

• Create a centralized audit trail for all database instances across:
––Multiple DBMS platforms: Oracle, SQL Server, Sybase
––Multiple OS platforms: Solaris, OpenVMS and Windows
––Multiple data center locations: OSS in 11 locations, BSS in five locations

• Monitor privileged user access via local protocols such as Oracle BEQ, shared memory and Sybase TLI.

• Produce detailed compliance reports for their auditors.

• Implement proactive security via real-time alerts for critical events, based on both corporate security policies and anomaly detection (comparison to baselines).

• Monitor application end-users for fraudulent activities via enterprise applications such as Business Objects.

• Provide granular logging (to a single DB column) with detailed information about users (username, IP address, MAC address, application name, protocol, etc.).

• Log all security exceptions such as failed logins and SQL errors.

• Log all query results for sensitive data.

• Provide separation of duties and non-repudiation of audit data; ensure that data cannot be modified by anyone, even authorized administrators, via access at any level (e.g. system GUI, root access to OS, physical access to storage).

• Support cross-analysis (correlation) of log information from different databases.

• Easily integrate the solution with their existing environment (LDAP, Kerberos, SNMP/SMTP, etc.) and manage it remotely.

• Implement a solution that does not rely on database-resident functions (such as triggers, trace or transaction logs) since these can affect database performance and stability.

• Select a solution that provides strong 2-factor authentication such as RSA SecurID.

• Implement a solution that incorporates appliances with high-availability features (RAID, fail-over, etc.).

The customer’s systems are managed by a well-known global systems integrator. After inquiring with Gartner and Forrester Research, the systems integrator evaluated multiple database auditing vendors (including Oracle) and chose the InfoSphere Guardium solution.

InfoSphere Guardium’s appliance-based technology allows companies to secure their enterprise data and rapidly address compliance requirements without affecting performance or requiring changes to databases or applications.

Environment
The company’s infrastructure includes thousands of databases in Production, Staging, Test, and Development environments, that need to be monitored for unauthorized or suspicious access. These databases support a range of OSS and BSS applications.

NOTE: Please view the PDF version of this case study for a summary of how InfoSphere Guardium addressed the stringent requirements typically defined by telecommunication organizations.

Other Telecom Installations
InfoSphere Guardium technology is currently being used to protect the privacy of sensitive data for many telecommunications companies around the world. Other installations include:

• Several global telecommunications and mobile wireless operators based in Europe
• Several mobile wireless telecommunications operators in the southern hemisphere
• Several US-based telecommunications operators
• Several Japanese telecommunications operators

About IBM InfoSphere Guardium
InfoSphere Guardium is the most widely-used solution for preventing information leaks from the data center and ensuring the integrity of enterprise data. It is installed in more than 400 customers worldwide, including 5 of the top 5 global banks; 4 of the top 6 insurers; top government agencies; 2 of the top 3 retailers; 20 of the world’s top telcos; 2 of the world’s favorite beverage brands; the most recognized name in PCs; a top 3 auto maker; a top 3 aerospace company; and a leading supplier of business intelligence software. InfoSphere Guardium was the first solution to address the core data security gap by providing a scalable, cross-DBMS enterprise platform that both protects databases in real-time and automates the entire compliance auditing process.

Guardium is part of IBM InfoSphere; an integrated platform for defining, integrating, protecting and managing trusted information across your systems. The InfoSphere Platform provides all the foundational building blocks of trusted information, including data integration, data warehousing, master data management, and information governance, all integrated around a core of shared metadata and models. The portfolio is modular, allowing you to start anywhere, and mix and match InfoSphere software building blocks with components from other vendors, or choose to deploy multiple building blocks together for increased acceleration and value. The InfoSphere Platform provides an enterprise-class foundation for information-intensive projects, providing the performance, scalability, reliability and acceleration needed to simplify difficult challenges and deliver trusted information to your business faster.