IBM Security Guardium

Training

PCI Accelerator
 Overview

• Logging mechanisms and the ability to track user activities are

critical and required by payment card industries (PCI) data
security standards.
• PCI Accelerator allows thorough tracking and analysis when
issues that require further investigation arise.
• Without such logs, determining the cause of a compromise is
very difficult.
• At the same time, the amount of logged information collected by
most organizations makes the analysis task impractical and many
times impossible, without our patented technology.

2 IBM Security
 The PCI data security standard mandates:

• Safeguards sensitive data for all credit card brands.

• Delivers a framework of tools and measurements
• Protects against cardholder data exposure and compromise
• Applies to any members, merchants, and service providers
that
̶ Store
̶ Process
̶ Transmit cardholder data

3 IBM Security
 Problem of “unknown unknowns”

Throughout hundreds of investigations over the last years, one theme emerges as
perhaps the most consistent and widespread trend of our entire caseload. Nine out of
ten data breaches involved one of the following:
• A system unknown to the organization (or business group affected)
• A system storing data that the organization did not know existed on that system
• A system that had unknown network connections or accessibility
• A system that had unknown accounts or privileges

IBM Security Guardium provides auto-discovery of databases,

applications, batch programs and user activity, as well as identification
and classification of sensitive data in database systems. The
company's solution also locks down database systems and prevents
unauthorized changes, both inside the database (schemas, privileges,
accounts, etc.) and outside the database (configuration files,
environment variables, etc.).

http://www.verizonbusiness.com/resources/security/databreachreport.pdf

4 IBM Security
 PCI Accelerator

• Explore the PCI Accelerator. Some

areas that we suggest you focus on
are:
• Find who accessed cardholder data
̶ See Section: 10.2.1 Data access
̶ See Section: 10.2.4 Invalid access
• Find who used unauthorized
applications

5 IBM Security
THANK YOU
FOLLOW US ON:

ibm.com/security

securityintelligence.com
xforce.ibmcloud.com

@ibmsecurity

youtube/user/ibmsecuritysolutions

© Copyright IBM Corporation 2016. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. Any statement of direction represents IBM's current intent, is subject to change or withdrawal, and represent only goals and objectives. IBM, the IBM logo, and other IBM products
and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service
marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your
enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others.
No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems,
products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products
or services to be most effective. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.