Presentation is loading. Please wait.

Presentation is loading. Please wait.

October, 2011 © Tango/04 Computing Group, Inc.

Published byAshlyn Larcher Modified over 9 years ago

Similar presentations

Presentation on theme: "October, 2011 © Tango/04 Computing Group, Inc."— Presentation transcript:

1 October, 2011 © Tango/04 Computing Group, Inc.
Data Access Monitoring (DAM) for IBM System i (a.k.a. POWER Systems / iSeries / AS/400) How to Protect Your Corporate Data and Comply With Regulations Easily Date October, 2011 © Tango/04 Computing Group, Inc.

2 How do you “audit” your bank?
You have no idea if your bank is using firewalls, antivirus, etc. Date Movement Euros Account Balance But you just need to see your account transactions to know if there is anything suspicious

3 Why audit your corporate data?
Legal and regulatory pressure keeps growing People’s rights Laws and regulations Inspectors and auditors 21 CFR Part 11 HIPAA Sarbanes-Oxley (SOX) Basel II SB 1136 European Privacy Laws PCI Food & drug industry Healthcare industry Publicly traded U.S. companies, their international branches and other related businesses (Japan: J-SOX) Banking & finance Companies operating in California EU companies using personal data Credit Card companies

4 How to audit your corporate data?
Available methods Pros and cons

5 How to audit your corporate data?
Access control is insufficient Greatest threat comes from legitimate users Most internal security breaches go undetected Most cases of data loss or corruption are caused by human error It does not comply with SOX requirements It does not comply with other regulatory requirements It does not meet best practice codes It does not protect data against the most common vulnerabilities

6 How to audit your corporate data? Field-level data audit methods
Application logs Incomplete (changes can be done by direct access) SQL Analysis / Sniffing Complex, incomplete, does not provide before/after images at field level, very difficult to understand, cannot set alerts based on data values, may not access encrypted SQL Custom Application changes Cumbersome, incomplete, requires development and maintenance Database Triggers Cumbersome, slow, may create security risk Native methods for every database system Optimal! Journals in System i are very efficient, and usually they are already in use

7 Auditing Your Corporate Data with Tango/04
New Tango/04 Data Monitor

8 New Tango/04 Data Monitor
A firewall for your corporate data Any change can be audited in real-time, including those performed by DBAs and legitimate users Without With There is no protection here Both External AND Internal Users are controlled

9 New Tango/04 Data Monitor
Prevent fraud, accidents and fines Record-level data auditing solution Who, What, When, Where? Capture all changes… and read access, too! Rapid, easy deployment Detailed information: User Real user (to control ODBC accesses, for instance) Timestamp Transaction type Enriched data (with virtual field support) IP address Library, Job, Process Low resource consumption and TCO Flexible reporting

10 New Tango/04 Data Monitor – Advanced Reporting
Flexible reporting simplifies your job Enforce your security policy Detect fraud and misuse of data Comply with regulations Easy to read, color coded, customizable reports

11 New Tango/04 Data Monitor – Advanced Reporting
Advanced reporting capabilities Before/after image Data masking (protect sensitive fields) Data enrichment (from any other table) Sensitive fields can be hidden shown (Salaries, Credit Cards, etc. Changes are clearly marked

12 New Tango/04 Data Monitor – Advanced Reporting
Group summaries Per user class Why are Security Officers modifying customer data?

13 Quickly spot suspicious activity
Advanced Reporting Group summaries Per real user Quickly spot suspicious activity Per application Per accounting code

14 New Tango/04 Data Monitor – Advanced Reporting
Group summaries Per transaction type

15 New Tango/04 Data Monitor – Advanced Reporting
Group summaries Per application It is easy to spot “strange” things here (such as DFU programs)

16 State-of-the-Art, Unparalleled Report Manager
Rapidly select what you want to see By date, time, user, file, operation type, key value, user group… Select transactions when a field has been modified, or a condition is met Example: FIRSTNAME = “John”, ADRESS LIKE “Beverly Hills %”, STATE <>“NY”, SALES >= 5000, YEAR < 2000 Create and use multiple Calendars to fine-tune your reports Detect suspicious changes during local holidays, weekends, unusual hours… iPad-compatible Report Manager

17 New Tango/04 Data Monitor
Use this data firewall to implement custom data auditing controls All changes to a sensitive table Detect DFU/SQL changes Who changed the SALARY table while logged in as a powerful user? Have any of these changes been made by someone not from the HR group? What changes have been made by programmers or security officers? What data has been deleted from the PAYMENTS file? Changes made without using the company’s ERP Changes during the weekend or after working hours All SALES table changes to the DISCOUNT field after invoice creation All SALES entered with a DISCOUNT within the normal range Changes made not using PRODUCTION/CHG05RPG program How many records were added/deleted/modified in the MASTER table during peak hours? Who is looking to the SALARY data? Number of deletes/adds/updates by user group, program, user class, etc. Are there any movements affecting dormant bank accounts? And much more!

18 New Tango/04 Data Monitor
Easily implement advanced COBIT controls SOX, J-SOX ISO Compliance

19 Data Monitor for IBM i Some Technical Highlights

20 Maximum, Unmatched Power
Ultrafast Audit Report Comprehension Add calculated data Add “virtual fields” with data from other tables to make compliance reports easier to read (see full names instead of codes) Key Description Customer Data, Country Name, Maximum Discount, User Department, User Status (has this employee been fired?) Cross-analyze transactions to see if they are valid Correlate Human Resource or Sales Policies data Is this employee on vacations? Is he/she in the building? Is the discount correct? Detect fraud, impersonation, etc. Smart filtering for storage savings Save only relevant transactions if desired Ex: CustomerType = “A” Save only relevant fields if desired Ex: TotalPrice not equal zero

21 Unlimited Automation: 360º Protection
Automation for Total Protection Execute actions when an expression is true (or always) Examples: If DISCOUNT = ‘Y’, then TOTAL := TOTAL * 0.8 If an expression is true, send a message to a Message Queue If (Too Much Discount) then Alert the Sales Manager If (Change Outside the Application or After Hours) then Alert the Security Officer If an expression is true, execute a command automatically Order a low-stock item Supports For/While cycles and External Program Calls for maximum flexibility Supports multiple record formats

22 Zero-Touch Administration!
Advanced Record Format Management for faster Deployment Format Autodiscovery! Can automatically load record formats Can automatically detect and update record format changes Automatable Data Repository Cleaning for easier Maintenance Clear roll-backed transactions Clear historical data By date range Keep a number of days Automatically! Automated Report Delivery to make Auditors Happy , Web/Intranet (HTML format) Multiple format conversions Flexible scheduling

23 New Tango/04 Data Monitor
Near-zero impact on system performance Reusing your existing journals for data auditing in iSeries Remote journal support The Data Monitor repository can be located at the Primary System or at the backup LPAR Data Data Monitor Audit File IBM i OS Journal Remote Journal OS/400 Primary Secondary

24 New Tango/04 Data Monitor
Minimal use of disk space in production systems Saving your audit trail files on an external server (remote journaling) Oracle, SQL Server, etc… (This also adds more security to the audit data base) Data Data Monitor Audit File IBM i OS Journal Data Monitor Audit File Primary Audit Server

25 Application enrichment
And Much More Application enrichment Use Data Monitor to have a history of changes of customer accounts with no programming Including web-based reports! Read-only access auditing Requires an additional license (Beware! Auditing all reads in a heavily utilized application it is VERY CPU intensive!) Business Rules control / BAM / Operational Business Intelligence Alerts immediately to anything out of the ordinary! Send alerts to Tango/04 SmartConsole (sold separately) and/or message queues in real time Easy definition of rules “Stock below minimum levels” “Dormant account was modified by user JSMITH” “Purchase Order totaling more than 2,000 US$ approved by a user with no credit approval permission” Collect KPIs with virtually no performance impact!

26 Unique Capabilities – Years ahead of the competition
Differentiators Ease of Use Customizable No triggers used IBM i 7.1 ready (previous versions supported) Flexible, Web-based, iPad-compatible Reporting System Maximum information Low Performance Impact Remote Journal Support Automatic Double-Byte Support Allows reporting in original field character code Katakana, Chinese, Hebrew… Independent ASPs (iASPs) Support Changes to the schema (formats) are recorded and audited Alerts on Table Drop (DLTPF), End Journaling, Delete All (CLRPFM)

27 How to audit your corporate data?
Practical advice Conclusions

28 Practical Advice and Conclusions
View data auditing as the basis for compliance and BSM Data auditing is required by many regulations Compliance is an opportunity to improve your security policy Scale-up your project Service Level Management ITIL BSM ISO 17799/27001 Obtain maximum functionality Audit all suspicious logs and events Unique console, advanced reports Business Impact Analysis Business Service Management (BSM) and IT Governance IT Security ISO 17799 Data Auditing COBIT ITIL

29 Practical Advice and Conclusions
SOX Compliance Upgrade to the Tango/04 VISUAL Security Suite (SIEM) and enjoy Real Time Dashboards, advanced alerting, multiplatform coverage, complex event correlation and much more (sold separately) and create Real-Time Security dashboards

30 Practical Advice and Conclusions
SOX Compliance and beyond COBIT Control Dashboards KRI (Key Risk Indicators) KPIs Infrastructure Monitoring Availability and Service Level Management Business Process Optimization Continual Service Improvement

31 Large Insurance Company
Data Monitor for iSeries Case Study: High Throughput, Minimal CPU usage Large Insurance Company Problem: strong internal auditing requirements, need to control, European privacy laws compliance Transactions : +2 Millions per hour +1,000 Millions per month Dozens of terabytes in hundreds of tables Complex requirements Field preprocessing to obtain the real user id Filtering of non-critical transactions Only 0,04% stored (99,96% discarded) CPU: less than 3% Very rapid deployment High customer satisfaction Later, they upgraded to the full Tango/04 VISUAL Security Suite for added protection

32 Practical Advice and Conclusions
Use automated solutions Simplify auditing Protecting your data is protecting your business Anti-Fraud, COBIT, ISO, SOX, J-SOX, HIPAA, 21 CFR Part 11, Central Bank Regulations, etc. Insert your project in a continuous improvement cycle Use best practices Let us help you! Reuse our knowledge from hundreds of worldwide projects Tango/04 and its business partners can provide you with the support you need Data is your most valuable asset Audit your critical data easily and affordably Technology is on your side Rapid, non intrusive auditing Obtain reports and demonstrate compliance Real time detection of deviations and breaches Prevent fraud Detection, Forensics, Dissuasion

33 About Tango/04

34 Tango/04 Computing Group, Inc.
Software company, founded in 1991, European Leader in Service Oriented Monitoring Branch offices in: customers around the world + 50 business partners worldwide 11 out of the world’s 20 largest banks Worldwide alliance with Only monitoring solution appearing in two Gartner Magic Quadrants (ECA/SIEM) Specialized on multiplatform solutions for : Monitoring and IT Governance Security Compliance and Control Business Service Management New Hampshire Paris Geneva Buenos Aires Santiago Vercelli Barcelona Sao Paulo Bogotá

35 Selected Tango/04 customers worldwide
11 out of the 20 biggest banks in the world are using Tango/04 solutions Selected Tango/04 customers worldwide IBM SONY Barnes & Noble Johnson & Johnson VISA Nestlé Telefónica Ford Tupperware L’Oréal Random House Avon Coca-Cola Miele Raiffeisen Bank Nike Shell Chase Santander Chrysler Government of Amsterdam Bridgestone/Firestone Bacardi BMW Bayer Volkswagen Toyota Novartis BAI – Banco Africano do Investimento 3M City Group DeCecco London Stock Exchange Boehringer Ingelheim Kia Zurich Insurance Honda Danone Mercedes Benz Liberty BBVA And many more

36 We deployed Sarbanes Oxley controls very rapidly with it.”
“I love Tango/04! We deployed Sarbanes Oxley controls very rapidly with it.” D. Keating, IT Manager, Henry Schein (USA) For more customer quotes, case studies, and additional resources visit our web site at your convenience

37 Thank you for your attention!

Download ppt "October, 2011 © Tango/04 Computing Group, Inc."

Similar presentations

Complete Event Log Viewing, Monitoring and Management.

Complete Event Log Viewing, Monitoring and Management.
ProAssist ® complex assistance services management system Global Assistance & INGENIUM Praha.

ProAssist ® complex assistance services management system Global Assistance & INGENIUM Praha.
1 Authority on Demand Flexible Access Control Solution.

1 Authority on Demand Flexible Access Control Solution.
BalaBit Shell Control Box

BalaBit Shell Control Box
GALVESTON COUNTY, TX P-CARD TRAINING GALVESTON COUNTY.

GALVESTON COUNTY, TX P-CARD TRAINING GALVESTON COUNTY.
Which server is right for you? Get in Contact with us 021- 671 2170

Which server is right for you? Get in Contact with us
Complete Event Log Viewing, Monitoring and Management.

Complete Event Log Viewing, Monitoring and Management.
Syslog for SIEM using iSecurity Real-Time Monitoring of IBM i Security Events.

Syslog for SIEM using iSecurity Real-Time Monitoring of IBM i Security Events.
Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.

Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.
The Most Analytical and Comprehensive Defense Network in a Box.

The Most Analytical and Comprehensive Defense Network in a Box.
1 DB2 Access Recording Services Auditing DB2 on z/OS with “DBARS” A product developed by Software Product Research.

1 DB2 Access Recording Services Auditing DB2 on z/OS with “DBARS” A product developed by Software Product Research.
Mobile Resource Manager v2. Core Pillars  Engine - High fuel costs, vehicle maintenance  Productivity - Customers expect increasing levels of service.

Mobile Resource Manager v2. Core Pillars  Engine - High fuel costs, vehicle maintenance  Productivity - Customers expect increasing levels of service.
ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.

ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.
Compliance on Demand. Introduction ComplianceKeeper is a web-based Licensing and Learning Management System (LLMS), that allows users to manage all Company,

Compliance on Demand. Introduction ComplianceKeeper is a web-based Licensing and Learning Management System (LLMS), that allows users to manage all Company,
SOFTWARE PRESENTATION ODMS (OPEN SOURCE DOCUMENT MANAGEMENT SYSTEM)

SOFTWARE PRESENTATION ODMS (OPEN SOURCE DOCUMENT MANAGEMENT SYSTEM)
Security Controls – What Works

Security Controls – What Works
Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.

Enterprise security How to bring security transparency into your organization ISSA EDUCATIONAL SESSION Nicklaus Schleicher, VP Support & Customer Service.
…your guide through terrain

…your guide through terrain
Www.lumension.com © Copyright 2008 - Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.

© Copyright Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management

Similar presentations

Ads by Google