Data-Centric Audit and Protection (DCAP) and Data Loss Prevention (DLP) -- along with data classification and discovery -- are key components of any serious Data Security Governance (DSG) program. IRI Chakra Max DCAP software can be licensed alone or in combination with IRI FieldShield and other data management features of the IRI Voracity platform, to provide a uniquely cost-effective DSG platform for managing and protecting PII in databases.
Data Security and Privacy Law Compliance for the Enterprise
Chakra Max is a database firewall and DCAP solution that delivers proven, patented database activity monitoring (DAM) / database audit and protection (DAP), and other valuable security functions for data at risk in the 20 platforms on this page. Use Chakra Max for:
- database access control for defined users and groups
- SQL activity (statement and workflow) approval ... black lists / white lists
- DB system monitoring with or without having to connect to the DB
- PII access logging and reporting
- dyanmic data masking (DDM)
- ISO 27001-compliant activity reporting and log analysis
- audit integrity (alteration/vorgery detection and prevention)
What Chakra Max Does
Chakra Max controls DB access through individualized user privileges. For example, you can specify access privileges for application server or DB users who move data to and from the DB, and allow them to perform what you define to be "reasonable" transactions, but block "unreasonable" ones.
Chakra Max uses a 3-tier Web Application Server (WAS) agent to collect packets between the client and DB, and then monitors and controls those packets. Chakra Max identifies each end-user -- and controls their access per policy -- through an agent installed on the web application server. In lower traffic environments, you can also collect packets via DB agent. Either way, there is no need to install a physical tap device or port mirroring switch.
Chakra Max processes work approvals for SQL execution privileges according to the organization's data stewardship policies, and leaves a detailed audit history of what was executed. It can also limit a user's execution time and number of executions.
Chakra Max monitors DB traffic and user information in real time. Chakra Max picks up the end users' ID details, traffic data, and access control status. It also monitors DB and Chakra Max performance information, as well as capacity details for the audit repository. Chakra Max can issue immediate alerts, block the activity (or the kill the session), and of course record the activity (see below).
Chakra Max can dynamically mask PII columns on a per-user basis to prevent unauthorized data exposure during queries. This built-in data redaction feature masks all or parts of the data in a specific table or column analyzed automatically through pattern recognition to be PII (like an SSN or account number). The original plain text is retained in the table, but the ciphertext result is forwarded to the user. Static data masking via IRI FieldShield is available at a discount to Chakra Max or IRI Voracity platform users.
Chakra Max logs all activity to an 'audit hub' or repository, according to the policies the security administrator defines. This includes end user identity and traffic information, access control status, and security policy management history.
You can search the audit data for: user session and SQL information, server protocol session and command execution, approval history, user and administrator work history, unused policy/account data, and SQL summary information. You can also create and print reports in 14 different document formats, including: .csv, .doc, .html, .pdf, .ppt, .txt, and .xls. And, you can tie the data directly into your SIEM/SOC platform in real-time or through files to bring add database activity information into the broader security control picture.
Chakra Max guarantees integrity of the audit data and your policy management settings by protecting them with encryption and log resource monitoring. Set access controls for the log file(s), schedule back ups, and set alarms for insufficient disk space. Deleted audit data can also be recovered and searched by a DBA after recovery.
Chakra Max achieved CC (Common Criteria) validation at Evaluation Assurance Level 4 (EAL4), and is widely accepted as a secure and stable solution devoid of known industry vulnerabilities.
Chakra Max Configuration Options
Chakra Max audits and controls DB access with no impact on the DB by logging 100% of the audit data in 'sniffing' mode. No agent need be installed at the user or DB level, and there is no impact on any existing business or network environment.
Gateway Mode (Inline + Forwarding)
Chakra Max controls the movement of data into and out of the DB purely in the 'gateway' mode. It works either with or without an installed agent on a user laptop. This mode controls work in SQL units, which allows you to increase security by deploying it across internal development or outsourced work environments. Minor application latency may be involved, but there is no impact on the database server in this mode, either.
HA (High Availability)
Maintain the availability of your DB and access controls by configuring the Chakra Max server in either Active-Active or Active-Standby mode.
Chakra Max has more than 1,000 users across Asia, and is now available directly from IRI and its global network of value-added resellers and expert partners. We are ready to help you set up and service -- or arrange managed hosting for -- your Chakra Max database firewall.
Chakra Max is available from IRI as a standalone solution, or as a bundled option with another IRI Data Protector suite product (like IRI FieldShield for static data masking) or the IRI Voracity total data management platform.