Light Dark
March 16, 2016 By Scott Forstie 3 min read
Data Protection

Data governance encompasses all the technologies and processes you need to secure business critical data. Customers, governments and industries are designating more and more data as critical. As the volume and variety of critical data increases, you may feel like Dorothy on her way to Oz: Skipping down the Yellow Brick Road, picking up companions that have complementary skills to help you manage (or govern) data.

I work on DB2 for i, which is the integrated database that is the heart and soul of the IBM i platform, formerly known as iSeries, System i, AS/400 and other names. My day begins and ends with all things database. That may strike you as a sad proposition, but in actuality, it’s a great life because I get to help clients achieve their goals and satisfy mandates.

What’s a Database Mandate?

More and more, IBM i clients are being told they have to comply with requirements to:

  • Limit, mask and/or encrypt access to data;
  • Track the actions of highly privileged users;
  • Track all changes to specific tables;
  • Detect attempts to circumvent authorization;
  • Recognize the proliferation of sensitive data; and
  • Demonstrate and measure the continual efforts to govern the data center.

IBM Security Guardium can be used to satisfy many of these important database mandates for IBM i clients.

My on-demand Guardium tech talk includes an explanation of how Guardium technologies such as Database Activity Monitor (DAM), Vulnerability Assessment and Classifier can help IBM i clients meet compliance and data governance requirements. They can also protect against insider threats, cybercriminals and other bad actors, all while integrating with the broader security infrastructure.

Using Technologies to Achieve Compliance

Database activity monitoring is a very strong solution for satisfying DB2 for i monitoring requirements. DAM is integrated with DB2 for i and can be used in production environments where client expectations are sky-high.

A simple example would be to show how DAM can be used to capture instances where entire tables are being copied. As shown below, we can see that DAM can capture both SQL and command line techniques for copying tables.

Another strength of DAM with DB2 for i is its comprehensive SQL capture, including host variables and parameter marker values, which are known as bind variable values in Guardium lingo.

Figure 2 below shows an example of the execution of an UPDATE statement. DAM serves up the essential forensic data, making it possible and easy to analyze the activity, determine when an incident has occurred and identify the scope of impact.

Learn More About Guardium Security Options

If you’ve read this far, you should consider watching the on-demand Guardium tech talk to hear more about your options for IBM i data governance using Guardium. There will also be more opportunities to learn more at security conferences slated for this year.

 |  |  |  |  | 
Scott Forstie
DB2 for i Business Architect, IBM

More from Data Protection
January 27, 2025

How secure are green data centers? Consider these 5 trends

4 min read - As organizations increasingly measure environmental impact towards their sustainability goals, many are focusing on their data centers.KPMG found that the majority of the top 100 companies measure and report on their sustainability efforts. Because data centers consume a large amount of energy, Gartner predicts that by 2027, three in four organizations will have implemented a data center sustainability program, which often includes implementing a green data center.“Responsibilities for sustainability are increasingly being passed down from CIOs to infrastructure and operations…

January 21, 2025

Why maintaining data cleanliness is essential to cybersecurity

3 min read - Data, in all its shapes and forms, is one of the most critical assets a business possesses. Not only does it provide organizations with critical information regarding their systems and processes, but it also fuels growth and enables better decision-making on all levels.However, like any other piece of company equipment, data can degrade over time and become less valuable if organizations aren’t careful. What’s even more dangerous is that neglecting data hygiene can expose organizations to a number of security…

January 3, 2025

Router reality check: 86% of default passwords have never been changed

4 min read - Misconfigurations remain a popular compromise point — and routers are leading the way.According to recent survey data, 86% of respondents have never changed their router admin password, and 52% have never adjusted any factory settings. This puts attackers in the perfect position to compromise enterprise networks. Why put the time and effort into creating phishing emails and stealing staff data when supposedly secure devices can be accessed using "admin" and "password" as credentials?It's time for a router reality check.Rising router risksRouters…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2025 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature