Abu Dhabi Commercial Bank Implements Guardium to Strengthen Database Controls
Security Initiative Driven by ADCB Audit Strategy to Monitor DBAs and Prevent Unauthorized Changes to Critical Databases
WALTHAM, MA - June 3, 2008 - Guardium, the database security company, and StarLink, a leading Middle East provider of security and compliance solutions, today announced that the Abu Dhabi Commercial Bank (ADCB) has successfully implemented Guardium’s real-time database security and monitoring solution to prevent unauthorized changes to critical financial tables by privileged users such as DBAs.
A publicly traded company, ADCB is the third largest commercial bank in the Middle East, with a 33-branch network spread across the UAE in addition to two branches in India and an offshore banking unit in the Cayman Islands.
Complex Heterogeneous Environment
“We were seeking a unified, cross-DBMS solution that delivers granular, real-time controls without the complexity, overhead and risk of native DBMS-resident auditing, and Guardium fulfilled all our requirements. Our goal is to ensure that critical information is stored securely through the adoption of best-of-breed technologies.” said Steve Dulvin, Head of IT Security at Abu-Dhabi Commercial Bank.
Guardium: Dominant in the Region
·Another leading UAE bank.
·The largest stock exchange in the Middle East.
·The largest commercial bank in the UAE.
·A leading Saudi bank.
·One of the largest Islamic banks in the region.
·The National Bank of Kuwait.
·Another major Kuwaiti bank.
“We are now sweeping the region with Guardium’s powerful solution for enterprise database auditing and real-time protection,” said Nedal Ahmad, Regional Sales and Marketing Manager, StarLink. “Given the strategic importance of safeguarding sensitive financial and customer data, our customers are looking for robust and comprehensive solutions that have been properly architected to address their needs both now and in the future.”
The Challenge: No Visibility into Changes by Privileged Users
Guardium 7 continuously monitors all database transactions, without adding overhead or relying on traditional DBMS-resident logs that can easily be disabled by DBAs. It creates a verifiable audit trail of all transactions - including DBA activities that access databases directly via “back-door” protocols such as Oracle Bequeath, named pipes and shared memory - and immediately generates real-time security alerts whenever policy violations are detected. This enables organizations to effectively enforce corporate change controls, such as preventing changes outside of authorized change windows.
Guardium’s technology also dramatically reduces staff time by automatically creating reports that compare all detected changes with approved change requests. This process, known as “change control reconciliation,” is increasingly required by auditors to tighten internal controls for critical systems.
The company’s enterprise security platform is now installed in more than 450 data centers worldwide, including 3 of the top 4 banks; 3 of the top 5 insurers; 2 of the top 3 retailers; 15 of the world’s top telcos; top government agencies; 2 of the world’s favorite beverage brands; the most recognized name in PCs; a top 3 aerospace company; and a leading supplier of business intelligence software.
Guardium has partnerships with Oracle, Microsoft, IBM, BMC, EMC, Accenture, McAfee and ArcSight, with Cisco as a strategic investor, and is a member of IBM’s prestigious Data Governance Council and the PCI Security Standards Council.
Guardium is a trademark of Guardium, Inc.