(Database View Monitor) has been added to the Cilasoft product suite to help companies control which users have access to specified sensitive data on your IBM i and to know who reads sensitive data and when.
This innovative product expands the audit process beyond database changes to real-time database access events, helping companies meet the stringent data-confidentiality requirements of Payment Card Industry Data Security Standards (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA) and other compliance regulations.
Without the need to change your existing applications, DVM
uses very granular tracking to detect read access to sensitive data files at the record level.
- Block and/or send alerts when a user reads confidential data outside of the normal application
- Block and/or send alerts when a user accesses confidential data in a specified file; e.g.: managerial salaries, sensitive bank transactions, medical or personal data of public figures
- Produce reports with context data (IP address, current user, call stack, etc) and a listing of all fields that were read
DVM is able to detect and log read access of sensitive files, providing a real-time, condition-based alerting system, with little or no impact on performance.
- Blocking mode to prevent users from reading specified information in a file
- Simulation mode so you can test rules before deploying, thus ensuring file blocking does not disrupt normal day-to-day activities of staff
- Audit criteria at a very granular level to detect high-risk read access
- Optimized retrieval of context variables
- Impact on performance is minimized through multiple intelligent and integrated mechanisms; i.e.: controlled hold, automatic hold in case of excessive execution time, etc.
- An exhaustive vocabulary is included for rule definition
- Multiple actions (program, journal, etc.) and alerts (e-mail, popup, program, journal, etc.) are included
- Reports can be produced in many formats: XLS, PDF, etc.
- Import/export configuration
- Meet the most stringent regulatory requirements on confidential data
- Reduce the risk of accidentally disclosing critical data
- Deter fraudulent activity