"It's the data, stupid." OK, the phrase is not quite catchy enough to become a must-have bumper sticker, but it's a mantra for every organization with sensitive information. Today's article looks at two enterprise security platforms designed to protect corporate data. Guardium focuses on securing the data and actions involving databases, and Symantec's Vontu platform provides data loss prevention (Compare Data Leak Protection products) on the network, at the endpoint, and in storage devices.

Guardium's technology platform (also called Guardium) safeguards databases and enterprise applications. It uses policy-based controls and anomaly detection to prevent unauthorized activities by potential hackers, privileged insiders, and end users of enterprise databases and applications such as Oracle EBS, PeopleSoft and SAP. All user activities are monitored, including those by privileged users, application users, DBAs accessing databases directly, remote developers, and even batch processes.

Guardium has the ability to monitor for anomalous activities at a very granular level, such as a single transaction by a specific user. The software can initiate responses to specific behaviors if desired. For example, when a particular user attempts to access sensitive tables, he can be sent a pop-up alert telling him his action is forbidden.

The software monitors change control, allowing companies to detect when the database structure or critical data values have been changed without authorization. Guardium helps with database vulnerability assessments to detect potential problems such as misconfigured privileges, missing patches and excessive administrator logins.

Guardium creates an audit trail of all database activities, which helps companies verify compliance with regulatory mandates like SOX and HIPAA.

The Guardium platform is sold as an appliance or as software. It supports all major database platforms and database protocols on all major operating systems, as well as all enterprise applications and application server platforms. The appliance sits outside the databases, and because of the non-invasive architecture of the solution, Guardium doesn’t affect or degrade business processes in any way.

While Guardium protects data in databases and applications, Symantec’s Vontu Data Loss Prevention platform covers data at three primary threat points: when it’s moving on the network, such as when a spreadsheet is attached to an outbound e-mail; when it’s at rest in a storage device, including PC hard disks as well as central storage systems; and when it’s being accessed at an endpoint, for example, being copied to a USB thumb drive.

Linda Musthaler is a principal analyst with Essential Solutions Corporation.