Automated Discovery and Management Capabilities Simplify Complex Data Control, Monitoring, and Compliance Operations
FOSTER CITY, Calif., Jul 16, 2007 – Imperva®, the leader in application data security and compliance, today announced a tightly integrated new release of SecureSphere® that spans the entire data stream to reduce the IT resources needed to protect, govern, and audit business application data. SecureSphere monitors and controls data usage within both applications and databases, and automates manual data discovery, regulation-specific reporting, and management operations including role-based delegation of tasks.
First Advantage Corporation (Nasdaq: FADV), a global business risk mitigation and solutions provider, is using SecureSphere as a core component of its security and Sarbanes Oxley (SOX) compliance program for several line of business applications. According to Donald Scott, Director of Application Security and Compliance for First Advantage Corporation, “SecureSphere is a key technology that helps us to implement a holistic approach to data security and Sarbanes Oxley compliance that fits well with our corporate objectives. The packaged configurations and blocking patterns are smart, it is very intuitive to operate, and allows us to audit data quickly using workflow-enabled reports.”
Auto-Discovery, Monitoring and Protection
In large heterogeneous environments, making sure all sensitive applications and databases are being monitored and protected is manually intensive and prone to error. To automate this process, SecureSphere introduces several new capabilities:
- Server Discovery: SecureSphere automatically discovers application and database servers, including rogue applications or databases that may not be documented.
- Sensitive Data Discovery: SecureSphere detects sensitive information, including Social Security Numbers, credit card data, etc., so it can be placed under appropriate policy control.
- Web Application Security: For web infrastructures that span multiple applications and domains, SecureSphere offers a high performance transparent proxy mode that protects these assets and allows organizations to present external users with logical and consistent URLs that mask back-end complexities.
- Usage Visibility and Control: Maintaining separation of duties to monitor and prevent authorized insiders from abusing their privileges can scale out of control in distributed organizations. SecureSphere provides granularity visibility into privileged user activity, including local access on the host database and scripted operations, by closely monitoring logins/logouts and reconstructing queries and responses. In addition, SecureSphere can inspect encrypted database traffic to prevent audit blind spots associated with data-at-rest leakage prevention technologies.
Business Relevant Compliance Reporting
SecureSphere provides a comprehensive set of new capabilities for achieving and demonstrating regulatory compliance including:
- Mandate- and application- specific report templates: To take the guesswork out of compliance reporting, SecureSphere ships with new pre-made reports that are tailored to the unique information requirements of leading enterprise applications, including Oracle eBusiness Suite and SAP, as well as regulatory mandates such as PCI, SOX, and HIPAA.
- Robust and flexible reporting framework: Provides point-and-click facilities for customizing pre-defined reports and generating new reports unique to an organization. In addition, user’s can easily schedule recurring report generation and distribution to multiple groups in a variety of formats.
- ADC Insight Services: These automatically delivered intelligence modules package the information needed to instantly set-up SecureSphere to monitor, audit, protect specific business applications and meet one or more regulatory compliance requirements. ADC Insights are continuously updated as applications, mandates, and industry best practices change.
“Maintaining the integrity and security of data used by business applications is complicated, time consuming, and often spans multiple groups within an organization,” said Shlomo Kramer, president and CEO of Imperva. “With this new release of SecureSphere we have brought together reporting intelligence with automated protection and management capabilities to cut out much of the manual work needed to secure application data and comply with regulatory mandates.”
Role and Workflow-Based Management
For large organizations such as multi-national corporations and multi-tenant Application Service Providers (ASPs) that require the ability to delegate tasks that span security, audit, and compliance, SecureSphere provides a new hierarchical management system and workflow engine. This framework aligns management activities to mesh with how organizations are structured and govern their IT operations. SecureSphere can specifically:
- Map to Business Structure: SecureSphere allows organizations to map management and audit activities by physical location, business unit, functional group, etc., and create granular role-based user accounts with controlled access rights and privileges.
- Automate and Control Processes: For multi-step tasks that span groups of individuals and departments, the SecureSphere management console has been enhanced with workflow capability. For example, from SecureSphere users can create workflows to schedule/coordinate review cycles for compliance reports and logs, and monitor change control activities that require approval by security and operations teams.
Pricing and Availability
Imperva SecureSphere is available immediately from Imperva and its business partners worldwide. Pricing starts at $30,000 USD.
About Imperva
Imperva is the leader in application data security and compliance. Leading enterprise and government organizations worldwide rely on Imperva to prevent data theft and abuse, and ensure data integrity. The company’s SecureSphere products provide data governance and protection solutions that monitor, audit and secure business applications and databases. For more information, visit www.imperva.com
# # #
Imperva and SecureSphere are trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.
Editorial Contact
Marc Gendron
(781) 237-0341
marc@mqpr.net