IBM Guardium Data Protection Review

We use it to support security initiatives and combine policies within the organization


What is our primary use case?

Primarily re-monitoring sensitive data and privilege user access. 

How has it helped my organization?

One of the greatest benefits for using Guardium is our ability to monitor sensitive data. With current policy and GDPR for international, then audited compliance for monitoring access to sensitive data, it is very critical for our industry in healthcare. 

We use IBM Guardium to support security initiatives and combine policies within the organization. We have many initiatives that come up and we have what are called action plans. Guardium comes up in quite a few of them when it gets related to database monitoring and controlling sensitive data. 

IBM Guardium helps us comply with industry regulations, such as GDPR, local US standards, and then the current New York cyber laws, which are very specific about controlling access to data.  

Guardium is integrated for data. It is integrated across our big data, then for cyber security. It is integrated in our security stack. 

What is most valuable?

  • Our ability to see when users are accessing sensitive data. 
  • The front-end works very well. 
  • Gathering the data works very well. 

We are using quite a few of the advanced features. Some of those include some scripting for integration with our other security tools in the environment along with data collection, and the ability to use large data formats for monitoring and information. 

What needs improvement?

One of the limitations that everyone who uses Guardium knows is its ability for back-end reporting. Guardium in and of itself is a big data platform. It creates big data all by itself. The ability to collect it sometimes is easier than the ability to retrieve it, use it, or give a good representation of it for incidence response or questions which come from the different people who want to use the data. 

Then, it goes back to the use of the data. Using the data in native Guardium is difficult, at best. I know there are current advancements. I know they are integrated with jSonar, which used to be a partnership. However, it is now integrated into the company, which is nice, but we are far beyond that. We have already purchased and implemented other solutions, so now we have to go back and retroactively add that, which would be a good addition, but we are just not there today. 

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Guardium is very stable. The only outages that we have had have been self-induced, which is hard to admit. As a platform, it provides great stability.

What do I think about the scalability of the solution?

Guardium should meet our needs going forward. 

We have only been using Guardium for a short period of time, so we had some growth problems. It is just like growing into your body. Your knees start to hurt after a little while, but once you get through that growth spurt, you get your win and you keep going and you are able to grow and expand. I think the way we have it implemented, we will be able to grow and scale as the organization grows. 

How is customer service and technical support?

We use technical support very frequently. We actually have a weekly call with our sponsor where we go through all of our different support questions. We are on a week-to-week basis where we follow-up with all our questions. We are on the leading edge for Guardium implementations. The version that we are on, it makes us a Fortune Six organization with the current version for all of our data. It requires a lot of support as we grow and mature with the product and with our organization's growth. 

How was the initial setup?

Our initial setup was pretty straightforward because we were just figuring out how it worked. Over the last two years, we have introduced our own complexities to accommodate our requirements. Would I say that it is complex to us today? No. To the average Guardium user? Yes, it would be complex.

Which other solutions did I evaluate?

We did evaluate other vendors. Guardium was a large purchase. We did our due diligence as we were responsible for the purchase process. Guardium won mostly because of our scope and scale. It was able to perform at the scale that we wanted to use it. 

Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Add a Comment
Guest
Sign Up with Email