Imperva
does it again with their latest release of SecureSphere 6.0. This release
builds on its previous release by delivering security and compliance in one
robust package.
According
to Mark Kraynak, director of strategic marketing for Imperva "SecureSphere
version 6.0 is designed to address three major challenges facing organizations
today — data governance, data protection, and operational efficiency. Data
governance is critical for compliance and maintaining data integrity,
protection is self explanatory, while operational efficiency is all about the
need to achieve governance and protection without breaking the bank."
What
does this jargon mean? Simply stated, large corporations need a better way of
making sure sensitive application and databases are being monitored as securely
as possible. In version 6 of SecureSphere, this process is automated by
providing the following:
-
Server
Discovery -
Sensitive
Data Discovery -
Web
Application Security -
Usage
Visibility & Control
SecureSphere 6.0 features
several technology improvements, including server discovery, which discovers
application and database servers that may not be documented via change
management. This includes the discovery of rogue applications. Another great
feature is the detection of sensitive information such as Social Security
numbers, credit card numbers, etc. to be placed in the appropriate policy
control.
Kraynak
goes on to say "With this new release we have focused on automation and
simplification of activities that are time consuming, prone to human error, and
require expertise that may be lacking in-house. For example, we have added
automated data discovery and sensitivity ranking, a task-based management
structure that allows for very granular user roles, and new controls that
monitor data access via privileged users and scripts without requiring changes
to work processes."
Let’s now add Business
Compliance reporting and we have found the “fountain of youth.”
Kraynak
says, "One of the biggest complaints we hear from security and database
teams is the complexity and time consuming nature of regulatory compliance
report creation and review. To address this problem, we’ve built a powerful new
reporting framework with pre-made report templates that gather the data
required for given regulatory mandates and are tailored to know where specific
business applications store data. The framework also supports the modification
of templates and the creation of user-defined reports. To automate the process
further, SecureSphere provides workflow capabilities that can be used to
control multi-step tasks such as report review cycles that span groups of
individuals and departments."
Examples
include:
- Mandate-
and application- specific report templates: To take the guesswork out of compliance reporting,
SecureSphere ships with new pre-made reports that are tailored to the
unique information requirements of leading enterprise applications,
including Oracle eBusiness Suite and SAP, as well as regulatory mandates
such as PCI, SOX, and HIPAA. - Robust
and flexible reporting framework: Provides point-and-click facilities for
customizing pre-defined reports and generating new reports unique to an
organization. In addition, users can easily schedule recurring report
generation and distribution to multiple groups in a variety of formats. - ADC
Insight Services: These automatically delivered intelligence modules
package the information needed to instantly set-up SecureSphere to
monitor, audit, protect specific business applications and meet one or
more regulatory compliance requirements. ADC Insights are continuously
updated as applications, mandates, and industry best practices change.
“Maintaining the
integrity and security of data used by business applications is complicated,
time consuming, and often spans multiple groups within an organization,” said Shlomo Kramer, president and CEO of Imperva. He goes on to say “With this new release of
SecureSphere we have brought together reporting intelligence with automated
protection and management capabilities to cut out much of the manual work
needed to secure application data and comply with regulatory mandates.”
Additionally, Large
corporations and Application Service Providers (ASPs) that require the ability
to delegate tasks that span security, audit, and compliance, SecureSphere
provides a new hierarchical management system and workflow engine. This
framework aligns management activities to mesh with how organizations are
structured and govern their IT operations. SecureSphere can specifically:
- Map
to Business Structure: SecureSphere
allows organizations to map management and audit activities by
physical location, business unit, functional group, etc., and create
granular role-based user accounts with controlled access rights and
privileges. - Automate
and Control Processes: For
multi-step tasks that span groups of individuals and departments, the
SecureSphere management console has been enhanced with workflow
capability. For example, from SecureSphere users can create workflows to
schedule/coordinate review cycles for compliance reports and logs, and
monitor change control activities that require approval by security and
operations teams.
For more
information, visit www.imperva.com. Imperva
is the leader in application data security and compliance. Leading enterprise
and government organizations worldwide rely on Imperva to prevent data theft
and abuse, and ensure data integrity. The company’s SecureSphere products
provide data governance and protection solutions that monitor, audit and secure business
applications and databases. Imperva SecureSphere is available immediately from
Imperva and its business partners worldwide. Pricing starts at $30,000 USD.