Abu Dhabi Commercial Bank Implements Guardium

01 June 2009

Abu Dhabi, 1 June 2009: Abu Dhabi Commercial Bank (ADCB) has announced the successful implementation of Guardium's real-time database security and monitoring solution to prevent unauthorized changes to critical financial tables by privileged users such as DBAs.

ADCB started deploying Guardium in December 2008 by StarLink which has a distribution partnership with Guardium covering the entire Middle East region. ADCB was looking for a distinctive method of database auditing to ensure the deployment be trouble-free with no impact to the Databases and Guardium met these criteria.

"We were seeking a unified, cross-DBMS solution that delivers granular, real-time controls without the complexity, overhead and risk of native DBMS-resident auditing, and Guardium fulfilled all our requirements. Our goal is to ensure that critical information is stored securely through the adoption of best-of-breed technologies." said Steve Dulvin, Head of IT Security at Abu-Dhabi Commercial Bank.

"Through partnering with Guardium, ADCB will ensure the integrity of enterprise data and help to enforce change controls, while simplifying and automating compliance processes," Steve added. "Unlike traditional database logging solutions, Guardium provides 100% visibility into all database activities - including both privileged and application user actions - across all DBMS platforms, without impacting on performance or IT infrastructure. We believe in layered security to ensure confidentiality and integrity of the bank's & customer information."

Guardium monitors all database transactions, without adding overhead or relying on traditional DBMS-resident logs that can easily be disabled by DBAs. It creates a verifiable audit trail of all transactions - including DBA activities that access databases via "back-door" protocols such as Oracle Bequeath, named pipes and shared memory - and immediately generates real-time security alerts whenever policy violations are detected. This enables organizations to effectively enforce corporate change controls, such as preventing changes outside of authorized change windows and automates the entire compliance auditing process.