Guardium acquisition will enable IBM clients to maintain trusted information infrastructures by continuously monitoring access and activity

(02/12/2009)

According to the recent IBM Global CIO Study, one in three business leaders frequently make decisions based on information they do not trust or do not have. With renewed focus on transparency and accountability, businesses and government agencies cannot afford to make decisions based on data that has been compromised. To succeed, organizations need to maintain a vigilant real-time watch on database access to protect enterprise data and comply with regulatory requirements such as HIPAA and the European Data Protection Directive, the U.S. federal government’s NIST 800-53 standard and industry mandates such as the PCI-DSS.

Trusted information lies at the center of today’s business transformations. To succeed in a dynamic business environment, organizations must unlock the value of critical information stored in silos within and outside of the organization, while still safeguarding it from unauthorized access or changes.

IBM has acquired Guardium, a privately held company based in Waltham, Massachusetts. Guardium’s technology helps clients safeguard data, monitor database activity and reduce operational costs by automating regulatory compliance tasks. Financial terms were not disclosed.

The acquisition of Guardium will enable IBM clients to maintain trusted information infrastructures by continuously monitoring access and activity to protect high-value databases against threats from legitimate users and potential hackers. It will also help clients streamline compliance processes for ever-changing industry and government mandates with centralized and automated controls for all major platforms.

The combination of IBM and Guardium technology will help organizations safely realize the promise of business analytics and use trusted information to drive smarter business outcomes. Designed for cross-platform environments, Guardium’s technology identifies patterns and anomalies in data access and usage allowing organizations to maintain the integrity of their data and turn it into a strategic business asset. The monitoring capabilities of Guardium’s technology also detect fraud and unauthorized access via enterprise applications such as an organization’s ERP, CRM or Data Warehousing solutions.

“Organizations are grappling with government mandates, industry standards and business demands to ensure that their critical data is protected against internal and external threats,” said Arvind Krishna, general manager, IBM Information Management. “This acquisition is another significant step in our abilities to help clients govern and monitor their data, and ultimately make their information more secure throughout its lifecycle.”

The Washington Metropolitan Area Transit Authority (Metro) operates the second largest rail transit system in the United States and transports more than a third of the federal government to work. Washington Metro needed to safeguard sensitive customer data and simplify compliance with the Payment Card Industry Data Security Standard (PCI-DSS), without impacting performance or changing database configurations. With more than 9 million credit and debit card transactions yearly, Metro is classified as a top-tier Level 1 merchant by the PCI-DSS standard. With Guardium’s technology, Metro gained granular visibility into all database transactions, allowing them to protect the privacy and integrity of their critical data and identify potential fraud in their ERP/HR system.

“Guardium gives clients unprecedented visibility and control over their data access activities while taking advantage of automation to deliver rapid return on investment,” said Ram Metser, chief executive officer of Guardium. “The combination of IBM and Guardium provides clients with a comprehensive solution for safeguarding critical enterprise information and preventing fraud without the complexity of traditional approaches.”

This acquisition extends IBM’s business analytics strategy, including the range of offerings available through IBM’s recently-announced Business Analytics and Optimization Consulting organization with 4,000 consultants, a network of analytics solution centers, and an overall investment of more than $12 billion in organic growth and acquisitions.

IBM will integrate Guardium within IBM’s Information Management Software portfolio which has more than 35,000 experts dedicated to helping clients use information as a strategic asset to transform their business. This marks the 28th acquisition to support the Information Management initiative.

In response to IBM’s acquisition of Guardium, Shlomo Kramer, CEO of Imperva commented: “IBM’s acquisition of Guardium brings a major player into the data security market. However, in the long run, Big Blue will find that their purchase will not fully meet market needs. Today’s enterprises are shifting away from siloed security products in favor of an integrated approach that protects more than just databases. Security professionals need to understand how sensitive data is accessed by internal and external users through business applications to block malicious insiders and hackers. IBM may have just added a new product to their extensive catalog, but they’ve also created a major integration headache if they wish to fully meet customer demands.”

Related topics:  Data management and data security 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources