The challenge

Telecom operator databases contain sensitive customer information (personal subscriber information, payment card data etc) which is accessed daily by a number of people, either employed by the operator or outsourced (DBM, CRM, etc.). The challenge for operators is to prevent theft of sensitive data while allowing regular access to customer information. However, traditional approaches based on tracking database logs are often difficult to implement and may not provide all the required information.

Qosmos solution

Using a network-based approach, Qosmos ixMachine provides real time tracking information for any database or application even in the case of custom developments. The probe monitors network flows and generates standardized Access Detail Reports including the required information to know who accesses what information and when. The non intrusive approach is transparent and generates no load on application servers.

Benefits

 

Usage benefits

• Respond quickly to legal and investigative requests for electronic evidence
• Real-time monitoring of access patterns enables quick reaction and prevention (as required)

Implementation benefits

• Only relevant data is extracted, which minimizes storage requirements and post-processing of information
• The probe operates by duplicating the information flow between users and database - the business application or infrastructure is not impacted

Information Extracted

Recognized applications and protocols (sample)

• Database: Oracle, MySQL
• Distant access: Telnet
• Custom Intranet application: any application over IP network

Extracted information (sample)

• IP address
• Login
• Inspected client file number
• Name of client
• Full report of all information displayed on screen (name, address, phone number etc)
• Date and time of connection
• Connection duration