DataThread ushers in a new generation of database auditing for IBM i servers.
While we often hear that it's the people that are an organization's greatest asset, I think many would agree that data comes in at a photo-finish second place. Without it, most businesses couldn't take orders, manufacture and distribute products, invoice customers, or make timely business decisions. Data is the lifeblood of the technology infrastructure that our enterprise runs on, and without it the modern enterprise cannot survive.
Unfortunately, most companies emphasize the protection of data through disaster recovery and high availability planning, and they don't put the necessary controls in place to ensure that day-to-day use of the data is appropriate and authorized.
One way to help ensure the protection of critical data from human interaction is with DataThread, the real-time database monitoring tool. If you haven't seen this amazing solution in action, stop and see if you can answer these five questions:
- Can you list (and prove!) every single way that your data is accessed?
- Can you provide an auditor with the full change history of a sensitive data element?
- Do you require electronic signatures for important data changes? (See Figure 1.)
- Can you easily filter out trusted applications from your audit reports?
- Are application owners notified in real time, (via email) the instant their data is changed outside of a control boundary? (See Figure 2.)
If, like many people, you can't answer a resounding "Yes!" to all five questions, then you need to explore the extraordinary control DataThread brings to your database. No matter whether you are under the scrutiny of a regulatory standard, such as the Payment Card Industry Data Security Standard (PCI DSS), or you just want to ensure the integrity of critical data assets, DataThread can provide visibility into the actions of users—regardless of whether they use an approved application or powerful (and hard to monitor) tools like SQL and DFU.
Figure 1: You can use DataThread to request approval before making a database change. (Click images to enlarge.)
Figure 2: DataThread sends a notification of a database change.
The power of DataThread comes from its ability to rapidly analyze database journals to find the events that are important to you. DataThread can take advantage of journal receivers that you're already using, or it can configure new ones for you. DataThread also can use triggers to let you know who is even looking at individual data records. Ask your PCI auditor if that feature would be helpful! If a breach does occur, you can identify which individual records were exposed rather than having to assume it was the entire file or database. That simple feature alone could justify the cost of DataThread.
DataThread also includes powerful workflow features that allow actions to be performed when certain criteria are met. For example, have it send an email when a salary field changes by more than $1,000 or have it invoke a re-ordering program the instant the widgets inventory falls 10 percent below the desired stocking level.
Of course, one of the most challenging parts of auditing in the real world is the volume of audit data that needs to be reviewed. Some companies generate gigabytes of audit information every day! Having to pour over reams of paper reports is like looking for the proverbial needle in the haystack and likely will lead to missed events and eventually less (or no) ongoing review. Having a server monitor itself, and escalate only important data events, is critical to facilitating a quick response and reducing risk.
DataThread perfectly complements PowerTech's existing full line of security solutions, from exit point monitoring for network access, to powerful user control and system audit reporting. We even offer a real-time event agent to integrate your Power Systems server with enterprise Security Information Management (SIM) technology.
So, if your compliance needs have you looking for a solution to the database dilemma, take a closer look at DataThread! You'll be glad that you did.
as/400, os/400, iseries, system i, i5/os, ibm i, power systems, 6.1, 7.1, V7, V6R1