June 25, 2012 at 6:40 am
I am a DBA. I had an account with IT auditors asking me who monitors my actions in the database. I could not answer because there is no one who does that. How best can the actions be monitored to the satisfactory level of auditors?
“When I hear somebody sigh, ‘Life is hard,’ I am always tempted to ask, ‘Compared to what?’” - Sydney Harris
June 25, 2012 at 6:43 am
What is the question?
June 25, 2012 at 6:48 am
Ask the auditors what level of monitoring they require.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
June 25, 2012 at 6:52 am
I have rephrased the post.
June 25, 2012 at 6:55 am
As Gail said, I would first ask the auditors what they define as monitoring and what they want you to monitor.
Then you can take it from there as what to create, be it custom DDL triggers, automated processes etc.
June 25, 2012 at 7:21 am
You can look at these products to get an idea of what 3rd Party tools are doing to address this.
IBM InfoSphere Guardium
http://www-01.ibm.com/software/data/guardium/monitor-privileged-users/
Idera SQL compliance manager
http://www.idera.com/SQL-Server/SQL-compliance-manager/
iMPERVA SecureSphere
http://www.imperva.com/products/dsc_database-security-and-compliance-overview.html
Again this is a short list just to show what vendors are doing to address the need.
June 25, 2012 at 7:22 am
It does depend a lot on what the auditors would consider an adequate level of monitoring.
Perhaps a server-side trace would be good enough. That would be a pretty minimal level, and relatively easy to bypass, but it might be good enough for what they need. This one would be for "we trust you, we just need to know what you've done so we can account for it".
Perhaps one of the high-security 3P auditing tools like what Lumigent, Blackbird, and Idera can do, would be required. That's "we can't/don't trust you, or anyone else, and need to know everything that goes on, for legal/security/paranoia reasons".
Perhaps something in between.
The built-in auditing tools have data here: http://msdn.microsoft.com/en-us/library/cc280386.aspx
- Gus "GSquared", RSVP, OODA, MAP, NMVP, FAQ, SAT, SQL, DNA, RNA, UOI, IOU, AM, PM, AD, BC, BCE, USA, UN, CF, ROFL, LOL, ETC
Property of The Thread
"Nobody knows the age of the human race, but everyone agrees it's old enough to know better." - Anon
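The built-in option mentioned in the post above, as an added example that is not part of the original thread: a server-level SQL Server Audit that records privileged and administrative actions, including changes to the audit itself. The audit name, specification name and file path are assumptions; the path stands for a location the DBA account cannot modify.

```sql
-- Added example, not from the thread. Names and the file path are placeholders.
USE master;
GO

-- Audit target: a file location the DBA account cannot modify
-- (assumed path; use a share or volume controlled by another team).
CREATE SERVER AUDIT [Audit_PrivilegedActivity]
TO FILE (FILEPATH = N'D:\AuditLogs\', MAXSIZE = 256 MB, MAX_ROLLOVER_FILES = 20)
WITH (QUEUE_DELAY = 1000, ON_FAILURE = CONTINUE);
GO

-- What to record: permission and role changes, object changes,
-- impersonation, backup/restore, DBCC, and tampering with auditing or traces.
CREATE SERVER AUDIT SPECIFICATION [AuditSpec_PrivilegedActivity]
FOR SERVER AUDIT [Audit_PrivilegedActivity]
    ADD (SERVER_ROLE_MEMBER_CHANGE_GROUP),
    ADD (SERVER_PRINCIPAL_CHANGE_GROUP),
    ADD (SERVER_PERMISSION_CHANGE_GROUP),
    ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP),
    ADD (DATABASE_PERMISSION_CHANGE_GROUP),
    ADD (DATABASE_OBJECT_CHANGE_GROUP),
    ADD (SCHEMA_OBJECT_CHANGE_GROUP),
    ADD (SERVER_PRINCIPAL_IMPERSONATION_GROUP),
    ADD (BACKUP_RESTORE_GROUP),
    ADD (DBCC_GROUP),
    ADD (TRACE_CHANGE_GROUP),   -- a trace being stopped or altered
    ADD (AUDIT_CHANGE_GROUP)    -- the audit itself being stopped, altered or dropped
WITH (STATE = ON);
GO

ALTER SERVER AUDIT [Audit_PrivilegedActivity] WITH (STATE = ON);
GO

-- Review: who did what, and whether it succeeded.
SELECT event_time,
       action_id,
       succeeded,
       server_principal_name,
       database_name,
       object_name,
       statement
FROM sys.fn_get_audit_file(N'D:\AuditLogs\*.sqlaudit', DEFAULT, DEFAULT)
ORDER BY event_time;
```

A sysadmin can still stop this audit, but AUDIT_CHANGE_GROUP writes that action to the file first, so the review query belongs with someone other than the DBA being monitored.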
June 25, 2012 at 7:28 am
OK, thank you.