I ran into an old friend at the IBM Data Management Conference last September. He was really happy to see me and learn that I had started a new company. You might know him. His name is Bing and he works for one of our nation's largest banks.
The Big Problem
After a bit of reminiscing, Bing said to me in his big, animated, booming voice, "Scott! Our bank has a very big problem! I mean, it's a huge problem!" I raised my eyebrows as if to urge him to continue. Bing continued, "Our management would pay truckloads of cash for a solution to this problem! Big trucks! Tractor Trailer trucks!"
I started thinking about how much all that cash might weigh and where I could hide it. So I took the bait and asked, "Okay, so what's this problem?"
Web Server Connection Pooling Masks User Identities
Bing replied with continued exclamation, "WebSphere! WebSphere web users! Connection Pooling! We have no idea what our WebSphere users are doing inside of our corporate databases! There's no accountability and everyone from the CEO on down is stressed!"
"Ah yes," I said. "Web servers like WebSphere, WebLogic, JBoss, Sun J2EE, and Tomcat all mask the identities of end users thanks to connection pooling using a single userid."
Anonymous Users > No Accountability > Vulnerability
Bing nodded and added, "And we have no (expletives omitted) idea who is doing what to our corporate data and the SOX Compliance people are stressed!"
"And you'll send me a tractor trailer truckload of cash if I can help your bank accurately determine who is doing what, when, and from where, so that accountability is restored and anarchy is avoided?" I asked with a hopeful look.
"Absolutely! But, it's impossible to solve, you can't do it, so don't start spending the money just yet!" he exclaimed with a wry grin.
I frowned with disappointment but was intrigued by the challenge. "What else do you need help with?" I asked.
"Auditing. Login failures. Tracking and controlling security changes. Tracking object maintenance. Tracking SYSADM and other power user activities. And the data can't be updated - it needs to be hardened for the auditors," Bing bemoaned.
"Would you like a Coke and fries with that solution?" I asked with a grin.
Well, that was about five months ago. We've been working very hard at DBI (I know I haven't blogged as often as I'd like) ever since. We want to help organizations achieve greater performance and accountability. We want to help prevent identity theft. We want to help with SOX Compliance. We're on a mission. We want all corporate data users to be accountable.
I am very pleased to announce that on March 31, 2006, DBI will have a solution for Bing and his bank. We'll have a solution for web end user database anonymity, or end user identity assertion as it is sometimes called. Brother-WatchDog(TM) uses breakthrough, US Patent Pending technology to unmask anonymous web users and reveal their activities (data access, update, insert, delete, grant, revoke, create, drop) inside corporate databases. No web application changes are required. And, oh yes, we capture and track local users, power users, client users, SYSADMs, and the whole cast of characters too. The impossible problem is solved. Please contact DBI to learn more about our accountability solution - the identity theft you prevent may be your own!
Until next time,
Scott Hayes, IBM DB2 GOLD Consultant, President & CEO, Database-Brothers Inc.