Start trial

    The global average cost of data breach in 2021 was over $4.2M, surging 10% from last year. As data becomes ever more valuable, organizations must fend off cyber-attacks which keep increasing in number and sophistication.

    Regulated organizations require a technology stack that enables them to demonstrate compliance upon request. This adds a further level of complexity to meet those compliance requirements.

    img-man-stressed-at-office-01This complex reality has led to strict regulations that require tighter safeguards and more secure environments to protect data across multiple locations.
    As a result, data integrity is becoming increasingly important as organizations transfer data between various IT environments and cloud service providers. Organizations who need enhanced data portability must develop platforms to provide enhanced flexibility, deliver improved performance, and meet security and regulatory requirements.

    The challenge

    Regulated organizations - not limited to banks and stock exchanges - need to maintain secure compute environments and data protection across all locations. And on top of that, they need to demonstrate compliance upon request. The technology stack which enables these functions needs to be constantly validated. The compliance requirements adds a further level of complexity to meet these requirements.

    Building a secure, compliance-ready data serving solution

    To manage the costs and complexity associated with compliance, organizations can automate the process of continual collection of data and compliance records. With Fujitsu Enterprise Postgres, organizations can achieve better accuracy and reduce reporting and compliance costs to meet stringent standards such as PCI DSS (Payment Card Industry Data Security Standard) and NIST SP800-53 (National Institute of Standards and Technology).

    The IBM z16 features the IBM Z Security and Compliance Center (IBM zSCC) which helps clients simplify compliance and move towards continuous compliance readiness. With IBM zSCC, organizations can:

    • Customize profiles built specifically for regulatory requirements to accommodate or establish their regulatory framework
    • Automatically discover data servers to extract compliance facts
    • View compliance posture in near real time with dashboards and reporting

    IBM zSystem customers surveyed anticipate that by using the IBM Z Security and Compliance Center on IBM z16, they can:

    • Save time: Potentially reduce audit preparation time from one month to one week
    • Augment resources: Potentially reduce the number of employees focused on audit preparation functions by over 40%
    • Increase visibility: Automate the collection and validation of facts against goals to help increase visibility into potential compliance oversights

    Compliance data can be automatically collected on an ongoing basis. The IBM Z Security and Compliance Center stack constantly encrypts the data being collected. When using a Postgres database solution such as Fujitsu Enterprise Postgres, clients can combine current and past data and use IBM zSCC to create on-demand compliance reports quickly and comprehensively.

    In general, Fujitsu Enterprise Postgres on IBM z16 delivers data from server to database. It can help organizations improve their applications and enterprise data portfolio by providing innovative data privacy, security, and cyber resiliency. In particular, Fujitsu supports IBM’s security and compliance controls by providing a data repository which allows:

    • Automating security and compliance positions
    • Enabling governance configuration
    • Detecting vulnerabilities and threats

    To find out more and discuss how your organization can achieve secure, compliance-ready data serving, please reach out to a Fujitsu Enterprise Postgres expert here.


    * Source: Cost of a Data Breach Report 2021:

     It is important to note that while IBM cannot ensure regulatory compliance, the intent is to provide a point in time statement of the customer's current posture for a specific group of resources. The responsibility of ensuring systems are configured in accordance with regulatory controls is on the individual businesses who are using the IBM Z Security and Compliance Center and IBM does not take responsibility for any compliance oversights or penalties associated with data breaches. Select Industry regulations views: PCI DSS - Payment Card Industry Data Security Standard, NIST SP800-53 - National Institute of Standards and Technology. Sourced from the IBM ZSCC Sponsor User Program and zDC.

    Subscribe to be notified of future blog posts
    If you would like to be notified of my next blog posts and other PostgreSQL-related articles, fill the form here.
    We also have a series of technical articles for PostgreSQL enthusiasts of all stripes, with tips and how-to's.


    Explore PostgreSQL Insider >

    Topics: Database security, Data governance, Regulatory compliance

    Receive our blog

    Fill the form to receive notifications of future posts

    Search by topic

    see all >

    Read our latest blogs

    Read our most recent articles regarding all aspects of PostgreSQL and Fujitsu Enterprise Postgres.