IBM Security Guardium

 View Only

Am I Being Audited? Compliance Policy and Audit Process in IBM Security Guardium Insights v3.0

By RYAN SCHWARTZ posted Wed August 04, 2021 11:04 AM


Regardless of industry, data security compliance is critical.


Whether adhering to the various industry-specific and general regulations or responding to the growing customer demand for greater data security around sensitive personal data, organizations are faced with a variety of challenges.


“What should be our policy around the handling of sensitive data?”


“How do we monitor activity to ensure these policies are working?”


“How do we conduct an internal audit or prepare for external examiners?”


“How do we keep key stakeholders from across the business notified of changes in compliance?”


Ultimately, “how do we know we’re meeting compliance, especially when the regulations we must comply with may not be well-defined?”


Guardium Insights, with the release of Guardium Insights version 3.0, seeks to address these questions with the introduction of out-of-the-box and custom compliance policy, as well as the ability to define and schedule audit tasks. This helps to streamline the compliance process, automating what had largely been a series of manual steps.


Let’s take these new capabilities piece by piece:


Compliance policies

Compliance policies come in two forms in Guardium Insights: out-of-the-box templates and custom. You may be thinking “isn’t custom going to be more effective for my unique organization?”


Certainly, there are plenty of benefits to complete customization, but each policy template was developed based on customer and end user feedback, tuning the pre-built rules to meet common data activity monitoring and data security use cases out-of-the-box.


If you need to quickly setup compliance controls, pre-built templates are an effective option. If you have complex, specific needs that you cannot meet with the template approach, you have a range of monitoring and reporting rules to toggle to meet your goals.


Regardless of the route you choose, these compliance policies are comprehensive in the functions they deliver. Rules can range from detecting SQL injection to monitoring failed logins and spotting common database error codes. Each rule can trigger a response. Responses can range from simply logging issues to daily alerts to automatically notifying security analysts or compliance teams.


Audit Process

Defining the audit process means defining the tasks, task schedule, task owners, and the stakeholder ultimately signing off on the report. Guardium Insights provides workflows to quickly check all of these boxes.


With the new audit process capabilities, you can:

  • Specify the objective of the audit (whether you need to report on administrative logins or other user activity, for instance)
  • Build reports around this objective
  • Set the timeframe for that report
  • Schedule and assign tasks to team members that need to be involved in the audit
  • Automatically run and distribute findings to stakeholders at a specific day and time


Beyond this, each completed audit can be exported as a .csv file to provide to external auditors.


This, however, only scratches the surface of what Guardium Insights can provide to help you automate compliance and streamline your audit lifecycle.


To learn more, use these links below: