SecureSphere 6.0 delivers security and compliance

Imperva
does it again with their latest release of SecureSphere 6.0. This release
builds on its previous release by delivering security and compliance in one
robust package.

According
to Mark Kraynak, director of strategic marketing for Imperva "SecureSphere
version 6.0 is designed to address three major challenges facing organizations
today — data governance, data protection, and operational efficiency. Data
governance is critical for compliance and maintaining data integrity,
protection is self explanatory, while operational efficiency is all about the
need to achieve governance and protection without breaking the bank."

What
does this jargon mean? Simply stated, large corporations need a better way of
making sure sensitive application and databases are being monitored as securely
as possible. In version 6 of SecureSphere, this process is automated by
providing the following:

  • Server
    Discovery
  • Sensitive
    Data Discovery
  • Web
    Application Security
  • Usage
    Visibility & Control

SecureSphere 6.0 features
several technology improvements, including server discovery, which discovers
application and database servers that may not be documented via change
management. This includes the discovery of rogue applications. Another great
feature is the detection of sensitive information such as Social Security
numbers, credit card numbers, etc. to be placed in the appropriate policy
control.

Kraynak
goes on to say "With this new release we have focused on automation and
simplification of activities that are time consuming, prone to human error, and
require expertise that may be lacking in-house. For example, we have added
automated data discovery and sensitivity ranking, a task-based management
structure that allows for very granular user roles, and new controls that
monitor data access via privileged users and scripts without requiring changes
to work processes."

Let’s now add Business
Compliance reporting and we have found the “fountain of youth.”

Kraynak
says, "One of the biggest complaints we hear from security and database
teams is the complexity and time consuming nature of regulatory compliance
report creation and review. To address this problem, we’ve built a powerful new
reporting framework with pre-made report templates that gather the data
required for given regulatory mandates and are tailored to know where specific
business applications store data. The framework also supports the modification
of templates and the creation of user-defined reports. To automate the process
further, SecureSphere provides workflow capabilities that can be used to
control multi-step tasks such as report review cycles that span groups of
individuals and departments."

Examples
include:

  • Mandate-
    and application- specific report templates:
    To take the guesswork out of compliance reporting,
    SecureSphere ships with new pre-made reports that are tailored to the
    unique information requirements of leading enterprise applications,
    including Oracle eBusiness Suite and SAP, as well as regulatory mandates
    such as PCI, SOX, and HIPAA.

  • Robust
    and flexible reporting framework:
    Provides point-and-click facilities for
    customizing pre-defined reports and generating new reports unique to an
    organization. In addition, users can easily schedule recurring report
    generation and distribution to multiple groups in a variety of formats.

  • ADC
    Insight Services:
    These automatically delivered intelligence modules
    package the information needed to instantly set-up SecureSphere to
    monitor, audit, protect specific business applications and meet one or
    more regulatory compliance requirements. ADC Insights are continuously
    updated as applications, mandates, and industry best practices change.

“Maintaining the
integrity and security of data used by business applications is complicated,
time consuming, and often spans multiple groups within an organization,” said Shlomo Kramer, president and CEO of Imperva. He goes on to say “With this new release of
SecureSphere we have brought together reporting intelligence with automated
protection and management capabilities to cut out much of the manual work
needed to secure application data and comply with regulatory mandates.”

Additionally, Large
corporations and Application Service Providers (ASPs) that require the ability
to delegate tasks that span security, audit, and compliance, SecureSphere
provides a new hierarchical management system and workflow engine. This
framework aligns management activities to mesh with how organizations are
structured and govern their IT operations. SecureSphere can specifically:

  • Map
    to Business Structure:
    SecureSphere
    allows organizations to map management and audit activities by
    physical location, business unit, functional group, etc., and create
    granular role-based user accounts with controlled access rights and
    privileges.

  • Automate
    and Control Processes
    : For
    multi-step tasks that span groups of individuals and departments, the
    SecureSphere management console has been enhanced with workflow
    capability. For example, from SecureSphere users can create workflows to
    schedule/coordinate review cycles for compliance reports and logs, and
    monitor change control activities that require approval by security and
    operations teams.

For more
information, visit www.imperva.com. Imperva
is the leader in application data security and compliance. Leading enterprise
and government organizations worldwide rely on Imperva to prevent data theft
and abuse, and ensure data integrity. The company’s SecureSphere products
provide data governance and protection solutions that monitor, audit and secure business
applications and databases. Imperva SecureSphere is available immediately from
Imperva and its business partners worldwide. Pricing starts at $30,000 USD.

»


See All Articles by Columnist
Steven S. Warren

Steven Warren
Steven Warren
Steven S. Warren is a popular author residing in Winter Haven, Florida with his wife Danna and 2 children: Catie-Charlotte and Dain. As a columnist on such well-known IT web sites as Techrepublic.com, CNET, and ZDNET, Steven has published numerous articles. Additionally, Steven holds the following certifications: MCDBA, MCSE, MCSA, CCA, CIW-SA, CIW-MA, Network+, and I-Net+. As a Senior Technical Consultant for The Ultimate Software Group, Steven has become an expert at administering Microsoft networks including Microsoft SQL Server. He is also a computer hardware and troubleshooting expert, and is constantly seeking out new technologies and certifications. Additionally, Microsoft recently awarded him the Most Valuable Professional (MVP) award for his outstanding achievements. Steven resides in Winter Haven, Fl.

Latest Articles