Data Privacy & Protection

Sitemap Contact Info

Database Monitoring for Banks

Privacy

Data Privacy Solution

The privacy of your sensitive corporate data is more at risk than ever. Not only are hackers becoming more sophisticated, they�re more often targeting the data itself in an attempt to steal personal information and identities.

Several industry initiatives are in place to address data privacy and disclosure issues. The California Security Breach Information Act 1386/1950 is one of the most prominent. It affects any agency or company that does business in California and deals with computerized personal information. Since 2003, it has required these organizations to promptly disclose any unauthorized access�either internal or external�that could compromise the security, confidentiality or integrity of personal information. Without the ability to rapidly detect unauthorized access, organizations risk noncompliance.

In addition, companies are now implementing strong internal controls to protect against the theft of data at its source. These companies recognize that stronger perimeter security and data encryption do not solve the problem. In many cases, those committing the theft are authorized internal users who have valid credentials and approved access to corporate applications and data.

Best practices are now available to help you address these issues. The recommended controls are:

Continuously monitoring all database changes including changes to data structures.
Monitoring the activity of privileged users who have the highest level of access to systems.
Integrating with corporate change control systems to ensure only approved changes are taking place.
Implementing user behavior profiling to identify suspicious or unusual behavior.
Providing regular summary and detailed reports on all data activity

By implementing these controls, companies will mitigate the risk of data theft and stolen user identities.

The Tizor Solution for Data Privacy And Theft: a pre-defined policy template for real time protection.

Mantra data auditing and protection enables your organization to protect itself and its customers from information and identity theft. The pre-defined policy template includes:

Monitoring all user activity to mission-critical information and applications.
Monitoring privileged user activity including changes to data structures.
Integrating with corporate change control systems.
Detecting unauthorized access to high-risk information while it�s happening.
Detecting suspicious or anomalous user behavior with personal and private data as its happening.
Real-time alerting of appropriate personnel to minimize the impact of a breach.
Delivering a broad range of data privacy reports.

By auditing authorized users' activity as they access sensitive information in databases and file servers, Mantra offers the first systematic approach to real-time protection against information theft. Real-time forensic capabilities significantly reduce the time and effort needed to correlate and investigate theft incidents. And Mantra data auditing and protection establishes the actual extent of the breach, limiting disclosure requirements�the key to protecting your company�s reputation and brand.

Mantra is a high performance, network appliance that continuously monitors both network and local data traffic to database and file servers. Mantra is non-intrusive and has no performance impact on your product database. Patent-pending Behavioral Fingerprinting� technology identifies anomalous or suspicious user behavior in real time, preventing unauthorized data access like data theft and breaches.

Mantra�s CA 1386/1950 policy set template provides a comprehensive solution for cost-effective compliance management and identity theft detection.

Mantra Data Auditing for CA 1386/1950 and Data Theft

Activity Auditing is the only way to know who touched which sensitive data.

TIZOR MANTRA

Even if a user is authorized or privileged, you can catch non-compliant activity as it happens.
You know what the user saw � eliminates uninformed disclosure.
Minimizes the effects of a breach � catches suspicious behavior in real-time and alerts you.
Supports the entire auditing lifecycle from Discovery and Policy Development to Reporting and Alerting.

For more information on data auditing solutions for CA 1386/1950, contact us: info@tizor.com or call 800-231-8224.

Features: key features of the Tizor Mantra data protection and auditing solution

Architecture: a look at the architecture behind the Mantra data protection and monitoring appliance

The Tizor Discovery Service helps identify data risk. Click here to learn more.

"Auditing user activity is obligatory for enterprises seeking reasonable and adequate controls that protect sensitive information from theft or accidental disclosure. Gaining more visibility into the connections between users, data and applications allows enterprises to better understand normal data accesses and catch information breaches and leaks as they occur."

Phebe Waterfield, Yankee Group Research