You say you already have a plan in place to guard your company's
data? Are you sure it has you adequately protected? While you
certainly understand the need for data security, your sales
challenges are tough enough without exposing your customers'
credit card information to a security breech; for example the
chances are good that in 2010 you will consider various options
for improving the security of your data. If you are going to
protect your company's most valuable asset—your
data—you will begin to view data security as a component of
a more comprehensive information governance strategy.
The risks of internal or external threats to your company's data
are becoming more complex as the depth and breadth of your
information expands rapidly and your data is shared with business
partners, suppliers, and customers. In addition, as companies
begin to take advantage of cloud services for some of their
workloads, additional complexity is added to the multitude of
security concerns. Many companies have deployed a disjointed
approach to securing, controlling, and managing its data, making
it hard to anticipate and prepare for constantly changing
security risks. There are lots of different ways that
unauthorized users may enter your network or otherwise steal your
data. Many companies typically have a distinct solution to combat
each one individually and typically can't protect against all of
them. For example, access control, data encryption, network
traffic monitoring, vulnerability testing, and auditing may all
be monitored with independent applications.
There is a good reason why many companies find they need to
deploy lots of different solutions to effectively govern its
information. Some of the most innovative solutions have come from
emerging companies who have built a niche around a particular
vertical market or some segment of the information security
market. So you deploy the best solution for your biggest
challenges and move on. However, as you begin to think more
holistically about your needs for information governance, you
will want to ensure that information security solutions are well
integrated. This is one reason why emerging companies with an
information security solution have become desirable acquisition
candidates for larger software vendors.
Guardium, a privately-held company based in Massachusetts, is one
of the most recent examples of this trend. When IBM announced its
acquisition of the company in the last week of November, Guardium
moved from a fast growing startup to one of the pillars of the
IBM information governance strategy. The company's technology
helps clients with some of the most challenging issues around
unauthorized access to critical data. Their solutions provide
secure access to enterprise data across many different database
environments such as IBM, Oracle, Microsoft, Teradata and others.
In addition, customers can reduce operational costs by automating
regulatory compliance tasks. While many companies may have the
ability to monitor one database at a time, Guardium brings added
value by enabling companies with complex environments to monitor
databases across their organization.
This acquisition aligns well with IBM's strategy to provide
customers with a well-integrated and comprehensive approach to
information management. IBM has spent in the range of $12 Billion
over the past five years to add software assets that will help
companies to make more intelligent decisions and realize more
business value from their information.