The Challenge
Northdoor has helped a retail and corporate banking unit of one of the largest financial services companies in Japan. The bank was finding that native logging on production Oracle and SQL databases was impacting on system performance and user experience. Also the existing monitoring solution was not flexible and lacked scalability. Other challenges included:
- No defined monitoring policy and incident handling processes in place
- Audit reports run overnight with no real time monitoring capability
- Limited available resource in the internal security team
The Northdoor Solution
Northdoor implemented IBM Guardium Database Activity Monitor to provide real-time policy-based reporting.
The solution also enabled:
- The provision of 100% visibility of all database activity including local DBA access
- Built-in reports customised to meet specific audit points
- Compliance and internal audit readiness
- All privileged user activity to be correlated to an internal change record or password release request
- Automated reporting and alerting to now be within internal incident management system
Benefits
- Separation of duties with logs held in tamper-proof repository
- No application changes were needed and minimal impact reported on database performance
- Integration with existing TSM backup infrastructure
- Guardium software (STAP) is now part of internal database host build to ensure global policies are enforced on new data sources in the enterprise
- Scalable architecture model (Collector, Aggregator and Central Policy Manager) to accommodate business growth and new database instances
- Granular policies implemented with monitoring and auditing to provide Who, What, When and How.