Databases are critical assets to every organization as they contain valuable customer
information, corporate plans, employee data, financial data and valuable intellectual property.
It is dangerous to assume that databases are safe behind corporate firewalls. The reality is
databases are much more exposed than ever before.
IPLocks monitors all aspects of the database:
IPLocks Database Security & Compliance Platform provides continuous database monitoring to assist
enterprise database security from direct brute-force attacks to subtle snooping for sensitive data.
IPLocks can differentiate between normal and fraudulent behavior, something that other security
tools cannot.
The IPLocks Database Security & Compliance Platform supports the following databases:
- IBM DB2 UDB
- MS SQL Server
- Oracle
From a simple, web-based management console, you can monitor hundreds or thousands of your
company's databases and instantaneously receive alerts to mitigate data security risks. Since
IPLocks is non-intrusive, it will not cause unusual side effects, performance loss or crashes
associated with other solutions.
Discovering how a person uses data is highly critical in determining if data is being used
correctly. Although a user has rights to the data, the user may be using the data inappropriately.
IPLocks User Behavior Monitor (UBM) has the unique capability of discovering when data access
falls outside of the user's normal behavior.
UBM works with probabilistic event models, examining normal user activity patterns, building a
behavioral model, and then flagging events that could indicate snooping, theft or other suspicious
activities.
UBM reduces the risk of information theft by alerting on
- Access violations
- Suspicious access frequency
- Suspicious logins
- Excessive reads
- Abnormally long sessions
IPLocks Privilege Monitor (PM) focuses on monitoring changes of database privilege settings for all
users in the database and creates alerts for this potential threat. It tracks changes to privileges
through grant or revoke statements, system or object permissions, and roles or password changes.
PM provides a summary report for all user and role privileges and whether it was assigned directly
or indirectly.
PM reduces security risks by strictly managing privileges.
The database metadata describes the detailed structure of a database, its objects and the
relationships among them. Any change of schema, whether careless or malicious, can open the door
for inspection, replication or alteration of both data and structures within the database. For
these reason it is a common operational practice to disallow these changes to the production
environment.
IPLocks Metadata Monitor (MM) is designed to monitor changes in the database metadata, and
report those changes to authorized personnel.
Monitoring of these events provides a way of ensuring that
- Policies are being enforced
- Data structures are not being copied
- A viewable record that shows intended changes
The IPLocks Content Monitor (CM) is a powerful tool for detecting erroneous or destructive updates.
CM first learns a model for what constitutes a valid record or records (learn phase). It then
checks if there are any records that are unusual or have changed in that model (guard phase). If
there are records that appear to be invalid, the CM issues an alert message.
IPLocks Database Security and Compliance Solution is available for Oracle, IBM DB2, MS SQL
Server and Teradata.
|