Published on 31-Jan-2011
Validated on 12 Jul 2012
Major International Telecommunications Company
Integrated Data Management, Information Governance, Security: Governance, Risk and Compliance
Case Study: Implementing Database Activity Monitoring for a Major International Telecommunications Company
A leading international telecommunications organization needed a cost effective means to protect the privacy of its customer data and comply with regulatory requirements.
The customer’s systems are managed by a well-known global systems integrator. After inquiring with Gartner and Forrester Research, the systems integrator evaluated multiple database auditing vendors (including Oracle) and chose the InfoSphere Guardium solution. InfoSphere Guardium’s appliance-based technology allows companies to secure their enterprise data and rapidly address compliance requirements without affecting performance or requiring changes to databases or applications.
InfoSphere Guardium provided a fine grained audit trail of all sensitive data access, along with automated reporting and compliance workflow, satisfying the needs of auditors. Real-time blocking and alerts ensured privacy policies were strictly enforced.
The organization wanted to:
• Monitor access to private customer data located in thousands of databases across a wide geographical area.
• Implement the solution for both Operational Support Systems (OSS) and Business Support Systems (BSS).
• Create a centralized audit trail for all database instances across:
––Multiple DBMS platforms: Oracle, SQL Server, Sybase
––Multiple OS platforms: Solaris, OpenVMS and Windows
––Multiple data center locations: OSS in 11 locations, BSS in five locations
• Monitor privileged user access via local protocols such as Oracle BEQ, shared memory and Sybase TLI.
• Produce detailed compliance reports for their auditors.
• Implement proactive security via real-time alerts for critical events, based on both corporate security policies and anomaly detection (comparison to baselines).
• Monitor application end-users for fraudulent activities via enterprise applications such as Business Objects.
• Provide granular logging (to a single DB column) with detailed information about users (username, IP address, MAC address, application name, protocol, etc.).
• Log all security exceptions such as failed logins and SQL errors.
• Log all query results for sensitive data.
• Provide separation of duties and non-repudiation of audit data; ensure that data cannot be modified by anyone, even authorized administrators, via access at any level (e.g. system GUI, root access to OS, physical access to storage).
• Support cross-analysis (correlation) of log information from different databases.
• Easily integrate the solution with their existing environment (LDAP, Kerberos, SNMP/SMTP, etc.) and manage it remotely.
• Implement a solution that does not rely on database-resident functions (such as triggers, trace or transaction logs) since these can affect database performance and stability.
• Select a solution that provides strong 2-factor authentication such as RSA SecurID.
• Implement a solution that incorporates appliances with high-availability features (RAID, fail-over, etc.).
The customer’s systems are managed by a well-known global systems integrator. After inquiring with Gartner and Forrester Research, the systems integrator evaluated multiple database auditing vendors (including Oracle) and chose the InfoSphere Guardium solution.
InfoSphere Guardium’s appliance-based technology allows companies to secure their enterprise data and rapidly address compliance requirements without affecting performance or requiring changes to databases or applications.
The company’s infrastructure includes thousands of databases in Production, Staging, Test, and Development environments, that need to be monitored for unauthorized or suspicious access. These databases support a range of OSS and BSS applications.
NOTE: Please view the PDF version of this case study for a summary of how InfoSphere Guardium addressed the stringent requirements typically defined by telecommunication organizations.
Other Telecom Installations
InfoSphere Guardium technology is currently being used to protect the privacy of sensitive data for many telecommunications companies around the world. Other installations include:
• Several global telecommunications and mobile wireless operators based in Europe
• Several mobile wireless telecommunications operators in the southern hemisphere
• Several US-based telecommunications operators
• Several Japanese telecommunications operators
About IBM InfoSphere Guardium
InfoSphere Guardium is the most widely-used solution for preventing information leaks from the data center and ensuring the integrity of enterprise data. It is installed in more than 400 customers worldwide, including 5 of the top 5 global banks; 4 of the top 6 insurers; top government agencies; 2 of the top 3 retailers; 20 of the world’s top telcos; 2 of the world’s favorite beverage brands; the most recognized name in PCs; a top 3 auto maker; a top 3 aerospace company; and a leading supplier of business intelligence software. InfoSphere Guardium was the first solution to address the core data security gap by providing a scalable, cross-DBMS enterprise platform that both protects databases in real-time and automates the entire compliance auditing process.
Guardium is part of IBM InfoSphere; an integrated platform for defining, integrating, protecting and managing trusted information across your systems. The InfoSphere Platform provides all the foundational building blocks of trusted information, including data integration, data warehousing, master data management, and information governance, all integrated around a core of shared metadata and models. The portfolio is modular, allowing you to start anywhere, and mix and match InfoSphere software building blocks with components from other vendors, or choose to deploy multiple building blocks together for increased acceleration and value. The InfoSphere Platform provides an enterprise-class foundation for information-intensive projects, providing the performance, scalability, reliability and acceleration needed to simplify difficult challenges and deliver trusted information to your business faster.
Products and services used
IBM products and services that were used in this case study.
Footnotes and legal information
1 The Forrester Wave: Enterprise Database Auditing and Real-Time Protection, Q4 2007” by Noel
Yuhanna, October 2007.
© Copyright IBM Corporation 2010 IBM Corporation Route 100 Somers, NY 10589 US Government Users Restricted Rights - Use, duplication of disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Produced in the United States of America May 2010 All Rights Reserved IBM, the IBM logo, ibm.com, Guardium and InfoSphere are trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at www.ibm.com/legal/copytrade.shtml. IMC14569-USEN-00