IBM Security Guardium Data Encryption

Encrypt sensitive data to help ensure compliance


IBM Security Guardium Data Encryption provides encryption capabilities to help you safeguard structured and unstructured data and comply with industry and regulatory requirements. This software performs encryption and decryption operations with minimal performance impact and requires no changes to databases, applications or networks.

IBM Security Guardium Data Encryption offers:


  • Transparent, rapid implementation — requires no changes to applications, the underlying database or hardware infrastructure.
  • Centralized key and policy management — delivers a unified management system to help simplify data security management.
  • Compliance-ready capabilities — provide granular auditing and reporting to help you meet data governance requirements such as the Health Insurance Portability and Accountability Act (HIPAA) and PCI Data Security Standard (PCI DSS).


Transparent, rapid implementation

  • Performs encryption and decryption above the file system or logical volume layer so it is transparent to users, applications, databases and storage subsystems.
  • Requires no coding or modification to applications or databases.
  • Protects both structured and unstructured data.
  • Provides scalability for large and complex environments including thousands of systems and files. IBM Security Guardium Data Encryption also scales to help protect data in new computing models like cloud and big-data environments.
  • Provides extensible protection to log files, configuration files and other database output.

Centralized key and policy management

  • Provides a secure, centralized method of administering encryption keys and policies.
  • Enables consistent and common best practices for managing the protection of structured and unstructured data.
  • Supports established data classification and acceptable use policies.

Compliance-ready capabilities

  • Enforces separation of duties by supporting separate database management system (DBMS) and security administration.
  • Provides granular and configurable auditing and reporting of access requests to protected data, as well as changes to policies and keys.
  • Provides audit management to reduce audit scope.
  • Integrates with existing security information and event management (SIEM) solutions.
top down