SecureSphere 7.5 Introduces User Rights Management, Streamlines Database Auditing
London, UK – February 2010 – Imperva, the leader in data security, today announced a major update to its market-leading Data Security Suite. The release extends Imperva’s database auditing solution with numerous platform, storage and scalability enhancements and introduces User Rights Management for Databases (URM), which allows organizations to automate the process of finding and eliminating excessive user access rights to sensitive data. This capability helps enterprises reduce the risk of insider abuse and data theft as well as achieve compliance with regulations such as PCI DSS and Sarbanes-Oxley that mandate limiting user access rights to a “need to know” basis.
“URM will help security professionals better understand who should have access to sensitive data. For instance, suspicious activity from employees, contractors, and partners downloading data they shouldn’t see can be quickly identified,” explained Brian Contos, Imperva’s chief security strategist and author of Enemy at the Water Cooler and The Convergence of Physical and Logical Security. Rogue insiders can be the source of major data theft. For example:
-
Ford Motor Company’s intellectual property was stolen with the intent of giving it to a Ford rival in China.
-
A Coca Cola formula was stolen by several employees who tried to sell it to Pepsi.
-
DuPont experienced a $400M theft in valuable research from a single employee trying to gather documents before joining a competitor.
“In tough economic times, insider threats go up—but the ability to prevent them remains limited. By tightening the control over user rights enterprises can reduce the risk associated with insider data theft.”
Key highlights of SecureSphere 7.5 include:
-
User Rights Management for Databases – automates the labor intensive process of aggregating user rights across heterogeneous databases, identifying rights pertaining to sensitive data and validating those rights against users’ organizational context and data access patterns.
-
Improved agent management technology for SecureSphere Database Activity Monitoring (DAM) and SecureSphere Database Firewall (DBF) – with new agent analytics, configuration, filtering and remote management capabilities, Imperva enables enterprises to manage large scale environments that include hundreds and thousands of audited databases.
-
Virtualized Discovery and Assessment Server (Virtual DAS) – enables customers and partners to easily perform periodic vulnerability assessments, data classification and user rights review for databases by carrying a virtual DAS instance on a laptop. Customers can also deploy multiple instances on the network for maximum coverage without deploying physical appliances.
-
SecureSphere Agent for DB2/400 —integrates DB2/400 platform coverage into the SecureSphere comprehensive Database Activity Monitoring (DAM) solution.
-
New Data Security Hardware Appliances with increased storage capacity, easier management and simplified deployment. These enhancements help security professionals protect and audit more web applications and databases to mitigate insider threats and external hackers.
SecureSphere 7.5, URM for Databases, and the SecureSphere Agent for DB2/400 are scheduled for general availability in March 2010. Virtual DAS is available now. Please contact Imperva or an authorized reseller for pricing information.
Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world’s leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.
Source: Eskenzi PR Ltd