The Challenges
Some of the biggest challenges facing security professionals today include addressing a much more data-centric risk landscape and achieving compliance with a variety of data security and privacy regulations with limited resources and within extremely complex data environments.
New threats to databases have proven, sometimes in very public ways, that traditional security methodologies alone are no longer sufficient to mitigate corporate data risk. This is partly because thieves are more sophisticated as well as more motivated by a black market that puts a high price on personal information. Insider threats to data have also increased. Disgruntled employees have found a new way to get back at employers. Honest employees misuse data accidentally because they are unaware of security policies, and partners, like outsourcers, create another type of insider that needs to be monitored.
In addition to these challenges, most enterprises do not know where critical data resides throughout the enterprise and have little insight into who is accessing data or how it is being used. This makes it very difficult for security professionals to identify and qualify the specific security issues facing the enterprise, let alone mitigate them.
Security experts are being challenged to re-think their approach to data security because traditional perimeter security will not prevent the next attack or data breach. Today’s security professionals need to think “inside out” when it comes to protecting data. That means securing data at the core and putting controls as close as possible to the data itself. This is data-centric security and it requires a new approach.
With data-centric security, security professional can answer critical questions such as:
- Who are the privileged users?
- What roles do the privileged users have?
- What are the privileged users doing with critical data?
- What applications are accessing the data?
- Where is my most sensitive data located?
- Who’s accessing the data and what are they doing?
- Is there any suspicious behavior taking place?
- What data is leaking from the core database systems?
- Do we have separation of duties violations?
Traditional security systems were not designed to answer these questions and will fail when it comes to protecting your data. Data-centric security requires new thinking and new solutions.
Database Activity Monitoring
Database Activity Monitoring (DAM) has become a cornerstone of data centric security. DAM provides unmatched visibility into what users are doing with data. It puts the focus on core data servers where millions of records are stored. DAM provides a window into data location, database changes and user access behavior and has the ability to recognize and take action in response to misuse of sensitive data. Similar to what DLP does at the edge of the enterprise DAM assures data security and data compliance at the core where the biggest data risks exist. And, it complements traditional security and works in complex data environments.
Mantra Database Monitoring and Protection
Deploys faster, works faster, easiest to use
Mantra is the most intelligent and easiest to use DAM solution on the market today. Mantra deploys quickly in even the most complicated data environments and is up, running and productive within hours of deployment. Mantra’s discovery capabilities are best in class, allowing security professionals to locate sensitive data; by data type such as Social Security numbers and credit card numbers; see how data is being used and by whom, and automatically create security policies based on discovery findings. In addition to finding and classifying data in motion, Mantra discovery can proactively locate databases on your network and locate and classify data at rest.
Mantra is also the only solution to include patent-pending Behavioral Fingerprinting® analytics for highly accurate anomaly detection. Real-time and policy driven, it provides non-inline blocking--session termination, to stop unauthorized activity, as well as alerting and security reporting—all in real-time.
Netezza's customers use Mantra to address difficult compliance and security challenges such as privileged user monitoring, separation of duties and core database security. Netezza customers chose Manta over other DAM solutions because it delivers the highest value for a lower cost of total ownership, scales to the largest data centers and is the easiest to use and manage. Read more about Mantra.
Mantra Highlights
- Automated, best-in-class data discovery—discovers data at rest, data in flight and databases on the network
- Privileged user monitoring – audit all DBA, developer or powerful account activity at a very fine-grain level
- Alert on unapproved or suspicious behavior – send alerts to email, pager or syslog
- Block unapproved activity – accurate, policy-driven session termination
- Report on all activity – summary and detailed reports on “who is doing what” with critical data.
- Behavioral Fingerprinting® –automatically identifies suspicious behavior in real time, eliminating the need for complex baseline policies which generate volumes of false positives.
- Content Scanning –locates any type of sensitive or regulated data and includes in-the-box scanning policies for locating cardholder numbers from all of the major credit cards