Organizations are subject to a growing number of regulatory mandates to protect sensitive information such financial records and personally identifiable information (PII). These mandates require mechanisms but put in place to detect, record, and remediate unauthorized access or changes to sensitive data, including those by privileged users. IBM’s InfoSphere Guardium provides a simple means of automating and centralizing compliance controls, even in geographically dispersed multi-vendor environments. It reduces compliance costs by providing:
- Granular real-time policies that automatically detect and block unauthorized or suspicious actions, even those of insiders.
- A secure centralized repository containing a fine-grained audit trail of all database activities across the enterprise, as well as important file sharing activities.
- Customizable workflow automation to generate compliance reports on a scheduled basis, distribute them to oversight teams for electronic sign-offs and escalation and store the results of remediation activities in the repository.
- Automated mechanisms to find and classify data covered by compliance mandates so real-time policies and compliance workflow always encompass required data.
InfoSphere Guardium is used by over 400 organizations world-wide to automate the controls associated with a variety of mandates including:
- Financial regulations, such as the Sarbanes-Oxley Act (SOX), FIEL and C-SOX
- Data Privacy regulations including the EU Data Privacy Directive, PIPEDA, Garante della Privacy and the German Federal Data Protection Act
- PCI DSS (Payment Card Industry Data Security Standard), providing support for capabilities specified in sections 2,3,6,7, 8,10, 11 and 12
- HIPAA
No comments:
Post a Comment