From the Desk of the MD – March 2011

Welcome to the first Ascent newsletter for 2011. As we reach our financial year end, and close what has been a successful year for Ascent, we are never the less reminded of the many challenges both we and our customers face. Notable amongst these are the issues that can have a particular impact on an organisation’s financials, such as security and compliance. This is of particular importance in light of the current and forthcoming laws, regulations and standards focusing on these areas.

With both the new Companies Act and the Protection of Personal Information (POPI) bill expected to come into force this year, and the Payment Card Industry Data Security Standards (PCI DSS) already having an impact on businesses, it is crucial for organisations to ensure they are doing all they can to protect customer data.

Globally, there has been a worrying increase in incidents of fraud, due to compromised data. Therefore, companies need to focus on the manner in which they collect and store information. They also need to proactively monitor their databases, to ensure that any suspicious activity raises an alert.

This is where Ascent Technology comes in. As a trusted advisor to our customers, and with our deep understanding of complex database environments, we are ideally positioned to assist with such scenarios.

Trusting Ascent Technology

As we mentioned in our newsflash last month, Ascent’s customers can now gain access to the newest revolution in the database arena – IBM’s InfoSphere Guardium Real Time Database Activity Monitoring. Guardium is a simple and robust solution which is designed to ensure the privacy and integrity of a company’s information.

This is a solution which is able to both avert cyber attacks, by proactively monitoring activity within the database, as well as prevent database leaks. It is also capable of identifying end user fraud and of monitoring and preventing malicious activity by privileged users, such as database administrators, developers and outsourced personnel. Additionally, it is able to assist organisations to reduce costs, through its ability to automate the entire compliance auditing process in a heterogeneous database environment.

However, what Guardium offers is more than just a database solution, since the areas it covers and the challenges it solves all have a direct bearing on the issues of security and compliance raised in PCI DSS, POPI and the new Companies Act. By addressing database security and the auditing needs across the enterprise, as well as securing sensitive data from a wide variety of sources, such as financial statements, personnel records and intellectual property, Guardium is the ideal answer to a challenge that is growing in severity every year.

Delivering on your needs

Guardium is able to provide automated assessment of database vulnerabilities and environmental configuration risks, along with real-time tools, metrics and recommendations for the proactive improvement of security lifecycle, for both PCI and non-PCI DSS environments.

In addition, this solution is able to create a secure, detailed and verifiable audit trail of all database activities, including those of privileged users. In addition, it increases operational efficiency by automating the entire compliance reporting cycle across all systems, applications and database management solutions, including report generation, distribution, issue escalation and sign-offs.

It can automatically locate and classify sensitive information, such as cardholder data and provides 100% visibility at a granular level into all database transactions involving sensitive data. It is also able to monitor and enforce a wide range of policies such as restricting sensitive data access, privileged user actions and database change control.

Finally, Guardium can also create a secure, centralised audit repository across large numbers of heterogeneous systems and databases, as well as automating the entire compliance auditing process.

With the numerous pieces of new legislation looming large and compliance and security growing in importance all the time, Ascent is excited to be able to offer a solution of this nature to its customers. This is yet another demonstration of our commitment to adding value to our customerbase and once again highlights our ability to deliver what our clients need, when they need it.

The last word

Last month we shared with you that Ascent is taking things to the next level and we are inviting all our clients and people to join us. We have launched a new press Press Office hosted on ITWeb, customers can see what is new in the world of database management at our Data Management Portal hosted on ITWeb, and for all the latest Ascent ins and outs, follow us on Twitter @AscentTech @AscentTech. So the real question then is: have you joined us on Twitter yet?

By: Johan Lamberts