Database security with IBM InfoSphere Guardium
Posted: 19-Oct-2014

IBM InfoSphere Guardium: Enterprise-wide Database Protection and Compliance
Jānis Bērziņš, DPA
17.05.2013

Data is the main target of attacks… and database servers are the primary source of stolen data
http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf
2012 Data Breach Report from Verizon Business RISK Team
Database servers contain your client’s most valuable information
– Financial records
– Customer information
– Credit card and other account records
– Personally identifiable information
– Patient records
High volumes of structured data
Easy to access
WHY?
“Go where the money is… and go there often.”
Willie Sutton

Some facts from examples around the world, or: let's learn from others' mistakes
Sony PlayStation Network Breach 2011: Impact – 77 million accounts hacked, 12 million had unencrypted credit card numbers; Costs – $170 million direct costs, total with indirect – $470 million.
Ponemon Institute report (2011): Average organizational breach cost – $5.5 million; Main causes of data breach – negligent insiders (39%) and malicious attacks (37%); Find out the data breach cost for your data – https://databreachcalculator.com.
Stuxnet: Target – Iran’s nuclear facilities; Actual spread – only 60% of infected computers were in Iran.

Data management and protection are changing rapidly
Data Explosion
Everything is Everywhere
Attack Sophistication
Consumerization of IT
Extending the Perimeter Shifts Protection Focus to Data
Moving from traditional perimeter-based security (Firewall, Antivirus, IPS)…
…to a logical “perimeter” approach to security, focusing on the data and where it resides
• Cloud, Mobile and Data momentum is breaking down the traditional perimeter and forcing us to look at security differently
• Focus needs to shift from the perimeter to the data that needs to be protected

Home-grown solutions are expensive and ineffective

Real-time database monitoring and protection with InfoSphere Guardium

IBM InfoSphere Guardium offers the full database security life cycle

Guardium integrates with the IT infrastructure
• Directory Services (Active Directory, LDAP, TDS, etc.)
• SIEM (IBM QRadar, ArcSight, RSA enVision, etc.)
• SNMP Dashboards (Tivoli Netcool, HP OpenView, etc.)
• Change Ticketing Systems (Tivoli Request Mgr, Remedy, Peregrine, etc.)
• Vulnerability Standards (CVE, STIG, CIS Benchmark)
• Data Classification and Leak Protection (Credit Card, Social Security, phone, custom, etc.)
• Security Management Platforms (IBM QRadar, McAfee ePO)
• Application Servers (IBM WebSphere, IBM Cognos, Oracle EBS, SAP, Siebel, PeopleSoft, etc.)
• Long Term Storage (IBM TSM, IBM Netezza, EMC Centera, FTP, SCP, etc.)
• Authentication (RSA SecurID, Radius, Kerberos, LDAP)
• Software Deployment (IBM Tivoli Provisioning Manager, RPM, Native Distributions)
• Send Alerts (CEF, CSV, Syslog, etc.)
• Send Events
• STAP

Guardium architecture models
Port Mirroring
Network Tap
Software Tap

S-TAP architecture

Supported operating systems and DBMS

What does Guardium offer?
• Database auto discovery
• Classifier
• Security policy and reporting
• Real time and correlation alerts
• S-Gate and quarantine
• Redact
• Configuration audit system (CAS)
• Vulnerability assessment
• Entitlement reports

DEMO

How much does it cost?
• Guardium pricing is calculated using the Processor Value Unit (PVU) model, i.e. the price depends mostly on the physical capacity of the database management servers;
• The second important factor is the selected functionality:
  • Basic functionality – real-time session analysis, log file generation, generation of error notifications on policy violations, reports;
  • Automatic database discovery;
  • Classifier;
  • S-GATE session blocking and quarantine;
  • Redaction of returned data;
  • Configuration audit system;
  • Vulnerability scanning;
  • Entitlement reports.

Guardium target audience
• For a Guardium deployment to be successful and worthwhile, a potential customer should meet the following criteria:
  • the infrastructure contains databases that store sensitive and/or confidential information;
  • the customer is aware of both external and internal risks and of the potential losses in the event of a data leak, which gives an economic justification for protecting the data;
  • the customer has developed, or is currently developing, a security policy and the related processes and procedures;
• DPA customer conference offer

Thank you for your attention!