Easily audit your data at record level, comply with SOX or any other regulation... and avoid fraud!

Sarbanes-Oxley (SOX), Basel II, 21 CFR Part 11, HIPAA... Every day there are more regulations pushing companies to guarantee the accuracy, integrity, and confidentiality of their data.

Standards such as COBIT, ISO 17799 and ISO 27001 require or recommend auditing changes to specific records in sensitive tables, and maintaining an electronic record of these changes.

In banking and insurance companies, for example, this audit trail functionality is also required to prevent internal fraud and limit operational risk.

• How to audit your corporate data easily to comply with regulations?
  
• How to track all transactions on your business data without impacting system performance?
  
  

New Tango/04 Data Monitor for iSeries

Tango/04 Data Monitor for iSeries helps you detect and solve security breaches affecting your corporate data in real time by auditing read, insert, update and delete transactions performed on specific records and fields of your sensitive IBM DB2 UDB for iSeries databases.

It can help you satisfy regulations that mandate or recommend the auditing of data stored on your database tables, such as the Sarbanes-Oxley Act, HIPAA, FDA's 21 CFR Part 11, European Privacy Laws, GLBA, the Basel II accord and California's SB 1386.

It can also detect in real time attempts to illicitly or incorrectly access your data, in order to avoid fraud and accidental errors.

Designed according to the best practices for data protection and auditing, Tango/04 Data Monitor for iSeries meets the specifications of widely accepted standards, such as ISO-17799, ISO-27001 and COBIT.

Who did what when and where?

Take absolute control of the use of your critical data without programming, without any changes to your applications, and with near-zero impact on performance. Tango/04 Data Monitor for iSeries is the most efficient and comprehensive data auditing solution for DB2 databases on iSeries systems, offering the best ROI in the market today.

The flexible, color-coded reports of Tango/04 Data Monitor clearly indicate details of each transaction, ID of each modified record, and before and after values. They can be created automatically in a number of formats.

The new Tango/04 Data Monitor 2.0 features many improvements to help companies identify potential security breaches faster and comply with data protection regulations more easily.

• New Read Access Auditing: Tango/04 Data Monitor for iSeries 2.0 now can audit read access to specific records in IBM DB2 UDB for iSeries databases, helping security officers to easily acknowledge and demonstrate who and when reads sensitive information.
• New User Interface: More powerful and easy to use, now all the features and functionalities are directly accessible from the interface, including pre-processes, filters, string chains and remote journal support.
  

The new release of Tango/04 Data Monitor for iSeries introduces a more user-friendly interface. In the example at left, it is very easy to check all the information of the monitored database file. Audited fields of the database file are displayed with great detail and simplify the setup of auditing policies. (right).

• New Advanced Reporting with Grouping: Now security officers can group information in reports by user type, user group, accounting code, application, file library/name or program library/name, simplifying the task of spotting suspicious activity.
• New Sensitive Field Masking: The reporting capabilities of the 2.0 version include advanced sensitive field masking, protecting confidential data, like credit card numbers, from appearing in auditing reports.

Main features

Detailed information for each transaction
Tango/04 Data Monitor for iSeries can retrieve detailed information of every change or read transaction, including timestamp, job, user, real user (which may differ from the job user), user class, accounting code, IP address of the remote job that executes the transaction (where available), name of the program and library, and more.

Custom selection of audited fields
The reports can extract information at field level. You can concentrate on the most critical events, audit only sensitive fields and records, and filter out less relevant information at the source.

Now, information on reports can also be grouped by user type, user group, accounting code, application, file library/name or program library/name, simplifying the task of spotting suspicious activity (for instance, all the transactions performed by the SECOFR user class, the Developers user group, or an unauthorized application).

Flexible reports in real time or on demand
Tango/04 Data Monitor for iSeries can generate reports instantly and interactively, or schedule their creation at a later point in time. The Reporting System displays reports on-screen and exports them in many formats, including:

• Acrobat (PDF)
  
• Text (TXT)
  
• Comma Separated Values (CSV)
  
• Excel (XLS)
  
• dBase IV (DBF)
  
• Word (DOC, RTF)
  
• HTML
  
• XML
  
• And more
  

Reports can be sent automatically by e-mail, or fed to a corporate Web portal or a restricted area on the Intranet.

The flexible, color-coded reports of Tango/04 Data Monitor clearly indicate details of each transaction, ID of each modified record, and before and after values. They can be created automatically in a number of formats.

Historical retrieval
Tango/04 Data Monitor for iSeries can incorporate data from old journal receivers containing historical transaction data. It also allows for the integration of recent data if the solution was deactivated for a while.

Efficient use of resources
By taking advantage of iSeries Remote Journaling, the impact on the audited system's performance can be practically zero when all the auditing activity takes place on the remote system. Users with a backup system or a low-usage partition can take advantage of this advanced feature. Tango/04 Data Monitor for iSeries 2.0 can even reuse remote journals used for High Availability purposes.

Dynamic format
Tango/04 Data Monitor for iSeries adapts to application changes. The fields are always displayed correctly regardless of format changes, removal or addition of fields, and other modifications.

Customized subreports
Each authorized user can easily create customized subreports based on the predefined reports included in the Reporting System. For example, they can insert logos, modify the appearance of lists, and use an intuitive graphical interface to create combinations of parameters and quickly respond to questions like:

• Who made changes to the file SALARIES accessing the file as a user SMITH?
  
• Who modified INVOICES between 00:00 and 05:00?
  
• What changes (to any table) did user JONES make in the last month?
  
• What were all the changes made to the sensitive field DISCOUNTS in the last quarter?
  
• What changes were made to CUSTOMERS not using the program?
  
• What changes were made via DFU?
  
• How many changes were made to the table PAYCHECK in the last year?
  
• What users that do not belong to the HR user group modified the table SALARIES?
  

Before and after image
If desired, the before and after values can be shown for every changed field. It is also possible to define the order in which the fields appear or to exclude one or more fields altogether.

Support with legal validity
When uncovering fraudulent behavior by an employee or any other suspect transaction that requires contacting national or foreign justice, Tango/04 Data Monitor for iSeries can help. It is based on data on the IBM journal receivers, which have been certified by IBM as "usable as legal proof" in the United States and other countries. This is not the case with other methods of capturing data, such as triggers, used by other products in the market today.

Quick to start and easy to use
Tango/04 Data Monitor for iSeries was designed to be put into production with minimal effort on the user's part and with a very low operating cost.

Easy to read reports
The key fields or relative record numbers are shown first and clearly indicated in the reports.

Masking confidential information
The most sensitive data can be monitored openly or "obscured". For example, it is possible to hide data such as account balance, credit card numbers, phone numbers, and more. This data will appear in reports as ***Restricted***, or it can be partially hidden (for instance, masking only the last eight digits of a credit card number).

Transparent to existing applications
As it directly integrates with the database journal receivers, Tango/04 Data Monitor for iSeries does not require any changes to be made to existing applications.

Complete integration with VISUAL Message Center
Tango/04 Data Monitor for iSeries seamlessly integrates with VISUAL Message Center and VISUAL Security Suite, thereby taking full advantage of the power of the SmartConsole in generating early warnings, message escalation and automation of actions.