February 2, 2016 By Lynne Murray 2 min read

I’m pleased to post this article on behalf of Stacey Gregerson, data security engineer at Westfield Group.

Those of us in data security and database management are entrusted with extremely valuable assets: our organization’s data. We work in a world in which we continually assess and manage risk. We must be constantly vigilant against attacks from the inside and out.

I’ve been doing this work for 20 years, and I am in constant communication with my data security peers. I was one of the early adopters of IBM Security Guardium, and it has been an extremely valuable tool to achieve a higher level of data security.

With my experience and my talks to many other organizations that are initiating new data security programs using Guardium, I think I have a good feel for the practices that can help organizations succeed. All of us have been in the same boat — Guardium beginners — and to be honest, getting started with any new security tool is not easy.

Three Stages of Data Security

Not surprisingly, I’ve discovered that some organizations that bite off more than they can chew run into problems that can affect the success of the project. I know because I did the same thing with my first deployment. Since then, I have learned that a data security strategy should be handled in three stages: crawl, walk and run.

1. Crawl

First, crawl by collecting basic monitoring information that will satisfy initial audit requirements for the most high-priority databases. This is easily done using the default security policy with perhaps a few modifications.

2. Walk

Next, you walk by adding such things as privileged user monitoring and reporting. You can build advanced monitoring that is project- and database-specific.

3. Run

Finally, you can run. That may include using features such as data classification, blocking use of the S-GATE functionality or making the whole environment more efficient by leveraging workflow capabilities.

Learn More at InterConnect 2016

Setting priorities and realistic goals is critical to the ongoing success of any data security project. In my session at IBM InterConnect 2016, I will share examples of specific things to add to your communication checklist when working with other groups, from audit reporting requirements to showing database administrators (DBAs) how database activity insights can help them improve performance. It’s also critical to show value right away, and I’ll have examples of how you can demonstrate to management and other groups instantaneous value for the investment.

Join me on Tuesday, Feb. 23, at 8:30 a.m. in the Mandalay Bay South Lagoon B in Las Vegas for “Three Guardium Deployments: Westfield Group Shares Lessons Learned.”

More from Data Protection

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

The compelling need for cloud-native data protection

4 min read - Cloud environments were frequent targets for cyber attackers in 2023. Eighty-two percent of breaches that involved data stored in the cloud were in public, private or multi-cloud environments. Attackers gained the most access to multi-cloud environments, with 39% of breaches spanning multi-cloud environments because of the more complicated security issues. The cost of these cloud breaches totaled $4.75 million, higher than the average cost of $4.45 million for all data breaches.The reason for this high cost is not only the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today