Data Loss Prevention VS Infosphere Guardium
September 30th, 2011
Data loss Protection (DLP) emphasis in three things:
- Protect data in use (endpoint actions). This term is related to data theft which being used like attached on emails, Instant messaging, etc.
- Protect data in motion. This term is related to data when it is being transferred. It means how to protect data when it’s still on the network.
- Protect data at rest. This term is related to data when it is already stored on laptop, sharing folder, flashdisk, etc.
This DLP security technology:
- Can’t stop data theft at the source –in the data center
- Lacks database-focused monitoring, analytics & blocking
- No knowledge about DBMS commands, vulnerabilities & structures
Infosphere Guardium is a leak prevention solution emphasis how to prevent the leakage right into the source itself where the data is stored—Database on Data Center. This solution supported eight database vendor and using three essential technologies:
- Data Extrusion Monitoring. To monitor all inbound requests to the database and all returned data to detect any transactions that violate policy or represent unusual activity
- Database Access Prevention. Uniquely offers a wide range of actions to prevent inappropriate transactions in real-time, ranging from automatic transaction blocking and user quarantine, to real-time alerts and extended auditing.
- Auto-Discovery. Automated mechanisms to find and classify sensitive data, including new instances created by developers, administrators and users.
In summary, Infosphere Guardium is part of DLP which offers more specific in database leak prevention.
For more info, please visit:
http://www-01.ibm.com/software/data/guardium/prevent-database-leaks/
