Databases are critical assets to every organization as they contain valuable customer information, corporate plans, employee data, financial data and valuable intellectual property. It is dangerous to assume that databases are safe behind corporate firewalls. The reality is databases are much more exposed than ever before.

IPLocks monitors all aspects of the database:

IPLocks Database Security & Compliance Platform provides continuous database monitoring to assist enterprise database security from direct brute-force attacks to subtle snooping for sensitive data. IPLocks can differentiate between normal and fraudulent behavior, something that other security tools cannot.

The IPLocks Database Security & Compliance Platform supports the following databases:

  • MS SQL Server
  • Oracle

From a simple, web-based management console, you can monitor hundreds or thousands of your company's databases and instantaneously receive alerts to mitigate data security risks. Since IPLocks is non-intrusive, it will not cause unusual side effects, performance loss or crashes associated with other solutions.

User Behavior Monitor
Discovering how a person uses data is highly critical in determining if data is being used correctly. Although a user has rights to the data, the user may be using the data inappropriately. IPLocks User Behavior Monitor (UBM) has the unique capability of discovering when data access falls outside of the user's normal behavior.

UBM works with probabilistic event models, examining normal user activity patterns, building a behavioral model, and then flagging events that could indicate snooping, theft or other suspicious activities.

UBM reduces the risk of information theft by alerting on

  • Access violations
  • Suspicious access frequency
  • Suspicious logins
  • Excessive reads
  • Abnormally long sessions

Privilege Monitor
IPLocks Privilege Monitor (PM) focuses on monitoring changes of database privilege settings for all users in the database and creates alerts for this potential threat. It tracks changes to privileges through grant or revoke statements, system or object permissions, and roles or password changes. PM provides a summary report for all user and role privileges and whether it was assigned directly or indirectly.

PM reduces security risks by strictly managing privileges.

Metadata Monitor
The database metadata describes the detailed structure of a database, its objects and the relationships among them. Any change of schema, whether careless or malicious, can open the door for inspection, replication or alteration of both data and structures within the database. For these reason it is a common operational practice to disallow these changes to the production environment.

IPLocks Metadata Monitor (MM) is designed to monitor changes in the database metadata, and report those changes to authorized personnel.

Monitoring of these events provides a way of ensuring that

  • Policies are being enforced
  • Data structures are not being copied
  • A viewable record that shows intended changes

Content Monitor
The IPLocks Content Monitor (CM) is a powerful tool for detecting erroneous or destructive updates.

CM first learns a model for what constitutes a valid record or records (learn phase). It then checks if there are any records that are unusual or have changed in that model (guard phase). If there are records that appear to be invalid, the CM issues an alert message.

IPLocks Database Security and Compliance Solution is available for Oracle, IBM DB2, MS SQL Server and Teradata.