Subscribe Using Email

Monday, March 13, 2017

Guardium's Groupy Action at a Distance

by John Haldeman, Enterprise Architect

I've heard this a lot lately:
I updated my group and reinstalled my policy, but the change to the group doesn't look like it was applied.
(Note: See correction below. This doesn't apply to policies but only to reports)

Well, this could be a result of a recent change to how groups work in Guardium. The best thing about it is that reports that use a lot of group members are going to run faster (especially if the CM is far away from the unit running the report). The worst thing about it is that you need to know more about how things work in order to see your changes applied immediately.

Tuesday, March 7, 2017

InterConnect 2017 - See You There!


Attending IBM InterConnect later this month? Good news - we are too! Our team is looking forward to seeing old friends and colleagues, face time with technical experts and learning about the new technologies that are shaping data security.

This year we went all in. We’ll be available to connect each day in different ways. Join us in the morning for our hosted CoffeeHour at Starbucks, attend one of our events, catch Matt Simons speaking on a data protection healthcare panel or visit with us on the Concourse at booth 930.

We’re ready to have an engaging and exciting few days in Las Vegas! See you there.

Here is our daily agenda:

Sunday, March 19th – Friends and Family Gathering

Friends and Family Gathering
Take a break from InterConnect and fiesta with us for a while! Join the team at CHAYO for our annual Friends and Family Gathering. RSVP to join us.

5:00-7:00pm, CHAYO at The LINQ

______________________________________________________________________________


Monday, March 20th – CoffeeHour + jSonar and Info Insights Happy Hour

CoffeeHour
We’ll be hosting our CoffeeHour Monday – Wednesday at the Starbucks near The Shoppes at Mandalay Place, right across from RM Seafood. Start your day off with your coffee on us, and avoid the long coffee lines at the conference entrance!

7:00-8:00am, Starbucks, The Shoppes at Mandalay Place

jSonar and Info Insights Happy Hour
Join our teams at one of our favorite post-InterConnect spots for margaritas, tacos and as always, fun conversation! Our special guest is Ron BenNathan, CTO/Founder of jSonar, previous CTO at Guardium and renowned expert and author of database security. RSVP to join us.

5:00-7:00pm, Border Grill inside Mandalay Bay

______________________________________________________________________________

Tuesday, March 21st -  CoffeeHour + The Doctor is in: Data Protection for Healthcare Panel

CoffeeHour
We’ll be hosting our CoffeeHour Monday – Wednesday at the Starbucks near The Shoppes at Mandalay Place, right across from RM Seafood. Start your day off with your coffee on us, and avoid the long coffee lines at the conference entrance!

7:00-8:00am, Starbucks, The Shoppes at Mandalay Place


The Doctor is in: Data Protection for Healthcare Panel - Matt Simons
To protect patient data across a company's fast-growing organization, greater visibility into who has been accessing what resources and the ability to more quickly correlate and analyze log data is essential. Join this healthcare panel to hear from healthcare clients on: when they decided they needed data security, how they convinced others, how they planned their security rollout, what challenges they faced, who supported the deployment, what kinds of skills they needed, and what were the benefits they found—including any unanticipated benefits.

2:30 PM - 3:15pm, Palm A, Session ID: 6979A

______________________________________________________________________________


Wednesday, March 22 - CoffeeHour + Pre-IBM Rocks Speakeasy

CoffeeHour
We’ll be hosting our CoffeeHour Monday - Wednesday at the Starbucks near The Shoppes at Mandalay Place, right across from RM Seafood. Start your day off with your coffee on us, and avoid the long coffee lines at the conference entrance!

Pre-IBM Rocks @ 1923 Speakeasy
Join us for pre-concert cocktails at 1923 - speakeasy style! RSVP to join us.

4:30 – 6:30pm, 1923 inside Mandalay Bay

______________________________________________________________________________

InterConnect Concourse

We are an InterConnect exhibitor. You can find us daily on the Concourse, booth 930.


We hope to see you at InterConnect! Please feel free to reach out to us with questions: bill@infoinsightsllc.com



Wednesday, December 14, 2016

Building a New Column to List the Guardium Group Membership of DB Users

by John Haldeman, Enterprise Architect

Sometimes it's useful to know whether some of the data shown in a report is in a Guardium group without having to look up the group data elsewhere or modifying your conditions.

Let's take an example. Say you have three classifications of user:

  1. DBAs or other highly privileged users
  2. Non-DBA, direct-access users: people that connect directly with personal accounts
  3. Service accounts: users that belong to application or batch processes

You want a report showing all connections but a column indicating that the user is in one of those groups or unclassified.

Tuesday, November 15, 2016

An Apparent Guardium V10 GUI Bug that Prevents Configuration of Domain Authentication for MS SQL Server - And It's Workaround

by John Haldeman, Enterprise Architect

Today someone on our team ran into an issue with connecting to a MS SQL Server database using a domain authenticated user. It was the second time this happened to us, so I thought I would write a blog post in case someone else encounters it. You might already be familiar with the special considerations for making SQL Server domain authenticated connections in order to set up things like entitlement reports and vulnerability assessments. Specifically, you need the jTDS driver and some special configuration as outlined in this support document:
              https://www-01.ibm.com/support/docview.wss?uid=swg21675924

The problem is that we've encountered what looks like a bug in Guardium V10's GUI that prevents connection properties from being saved. This is with V10 GPU 125 applied. I think it's likely it affects all current V10 versions, but can't be sure. What that means is that the "domain=<your domain>" instructions listed at the end of the support document don't seem to work. When you test the connection, you'll get failed login errors and when you exit and try and edit the datasource again you might find that the domain parameter that you enter disappears - it looks like it isn't being applied to the datasource definition.

Wednesday, October 5, 2016

How Do SonarG and Information Insights Solve Common Infrastructure Optimization Issues for your Existing Guardium Deployments?

Partnering for Even More Secure Enterprise Data Infrastructure


Earlier this year, Information Insights announced a partnership with jSonar, enhancing data security capabilities with the SonarG solution for further optimizing Guardium environments. Led by Ron Ben Natan, former CTO/founder of Guardium, this additional layer of protection takes advantage of next-generation Big Data technology to enhance and expand the platform’s resources in a number of key areas.

Since that announcement, I’ve met with many of jSonar’s Guardium clients to discuss SonarG, receiving feedback on our approach, along with insight into current challenges and goals for expanding the functionality and value that they get from Guardium. 

We were quickly able to pinpoint the source of SonarG’s enthusiastic adoption - it provides a powerful set of capabilities that perfectly complement the challenges and goals that the majority of Guardium deployments are facing.

Over the next few weeks, we will outline the findings from these conversations to address common concerns from customers, along with insight into how these are solved via SonarG – focusing on three major areas of enterprise data management: infrastructure optimization, improving data access and enabling security analytics.

Monday, August 1, 2016

Information Insights Expands Data Security Capabilities


                                               

Information Insights Expands Data Security Capabilities with BTRG Practice Group Acquisition

Through the recent acquisition of the Data Security/ Governance Practice of The Business & Technology Resource Group (BTRG)), Information Insights strengthens the delivery capacity and competency of their Nationally-Recognized Data Security Practice.

August 1, 2016 (Atlanta, GA) – Information Insights, LLC, an IBM Premier Business Partner, is pleased to announce their recent acquisition of BTRG’s Information Governance Practice. BTRG is a leading industry partner, known for providing comprehensive security strategies and data masking.

“The addition of BTRG’s proven Data Security and Information Governance team to our group expands our ability to deliver data security solutions to an expanding client base, in a time when data security is a critical issue for all enterprises. At the same time, the complementary nature of the teams allows Information Insights to maintain a tight focus on delivering excellence in our core competencies and enhances our Guardium Managed Services capability,” said Bill Crawford, Information Insights’ President. “Additional Data Security capabilities let us be very responsive to our clients and our partners. Adding the BTRG team allows us to quickly bring talented resources to bear on time sensitive initiatives, like securing enterprise data assets.”

Information Insights helps clients improve their security posture through robust data security, privacy and encryption strategies and solutions. By joining BTRG with their team, Information Insights increases the delivery capacity and tools at their disposal to help clients advance their data security programs, while at the same time addressing key business challenges around privacy, compliance and scalability.
To learn more about how Information Insights safeguards enterprise data through activity monitoring, encryption and masking of critical IT assets, visit them online at www.infoinsightsllc.com.
____________________________________________________________________________
About Information Insights
Information Insights, LLC, North America’s only Gold Accredited Guardium Partner, is a software solutions provider focused on helping companies improve enterprise data management. With domain expertise in the areas of data security, data privacy and data lifecycle management, Information Insights has the skills and experience required to help clients drive cost reduction and risk mitigation in their enterprise application portfolios.


Friday, April 29, 2016

Don't Ignore More Than You Expect - Notes On Whitelisting Objects in Policies

by John Haldeman, Enterprise Architect

We had a customer using DB2/z that was receiving a lot of events from SYSIBM.SYSDUMMY1. So, they wanted to implement a rule as shown in Figure 1:
Figure 1: Policy Rule to SKIP LOGGING on SYSIBM.SYSDUMMY1 - Click to Enlarge
This seemingly simple and innocuous rule has some unintended consequences. That's what this blog post is all about.