Thales Blog

Vormetric Integrated With IBM QRadar For Enhanced Security Intelligence About Access To Sensitive Data

March 13, 2014

We made a really important announcement today - We’ve now added integration to the third of the top SIEM solutions, IBM QRadar, to our existing integration with HP ArcSight and Splunk. As the cadence of data breaches increases worldwide with continued losses of credit card and customer data from retailers, health care data losses, revelations from Mr. Snowden, and more, it’s increasingly clear that traditional approaches to security are not able to safeguard sensitive data.

What’s needed are strong security controls around critical information assets. It’s a fact that organizations tend to focus first on end point protections, network and perimeter defenses, but the data makes it clear that this is no longer enough. Another classic stance is that compliance with security regimes like PCI will provide the necessary protection – but look at the facts. Target was PCI compliant (and had recently passed an audit) when they lost over 110 million customer’s private information.

What are those security controls that we should all be thinking about? They are protections directly around sources of sensitive data. Needs include setting up appropriate protection policies to ensure that only authorized users have access to data, that unauthorized access attempts don’t go un-noticed, and that both authorized users, as well as those who control the security settings for data access are monitored to ensure appropriate activity. It’s these last two points that make today’s announcement so important.

Vormetric collects detailed information surrounding the data that we protect with our products. The data details who, when, where and how access attempts and successful access take place. This is the critical information needed to identify when a breach may be underway, and that allows dynamic adjustments of access policies when threats are detected to lock out attacks. With our link to SIEM systems our customers now have a way to alert on unauthorized access attempts, recognize when access patterns have deviated in ways that may represent a threat, and use that information to manually or programmatically change policy and lock down.

The final result is a real win for our joint customers. They now have capabilities to easily make use of all the security intelligence data supplied by the Vormetric Data Platform with IBM QRadar (as well as Splunk and HP ArcSight), taking their data protection efforts to the next level.