Information ranging from trade secrets to financial and privacy data has become the target for high-tech theft....
Organizations that hold sensitive data within their databases have to comply with various corporate governance laws and initiatives such as Gramm-Leach-Bliley (GLBA), Sarbanes-Oxley (SOX), European Union Data Protection Directive (EUDPD), Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry (PCI) compliance initiative. Enforcing these corporate governance laws and meeting these various compliance and data protection requirements is not an easy task for IT managers and DBAs because auditors are looking into many aspects of a database environment, including user management, authentication, segregation of duties, access control and auditing.
Although SQL Server 2014 provides various security auditing tools you can use to monitor and audit SQL Server instances, they are not enough to meet these regulatory requirements. Therefore, many large enterprises remain dependent on third-party security auditing tools for compliance. Third-party security auditing tools are easy to install, easy to use, require minimal administrative support and provide the data and reports that help organizations to meet the requirements of SOX, PCI, HIPAA and other regulations. Let's look at what I consider to be the top three SQL Server third-party security auditing tools for identifying and resolving security problems proactively.
Idera SQL Compliance Manager
SQL Compliance Manager is a comprehensive low-impact and highly customizable auditing tool because it uses a lightweight data collection mechanism. It goes beyond traditional audit approaches by providing details about events to determine who did "what," "when," "where" and "how" -- and whether the event was initiated by privileged users or hackers.
SQL Compliance Manager also provides real-time monitoring, alerting and auditing of SQL Server activities such as database access, database schema changes, update action, server configuration and security changes. With the help of SQL Compliance Manager, organizations can easily meet compliance requirements because it includes built-in templates for over 16 regulatory citations such as Sarbanes-Oxley, GLBA, HIPAA, PCI DSS, Basel II and FERPA. These preset auditing settings can be customized using a simple wizard that can be configured to run across multiple SQL Servers.
SQL Compliance Manager allows DBAs to configure customized alerts for failed log-ins and other suspicious activity that could cause harm to your SQL Server environment. It also includes 25 predefined compliance reports that help DBAs validate SQL Server audit trails, which also can be customized according to business needs. DBAs can easily deploy these reports to SQL Server Reporting Services. SQL Compliance Manager is supported on SQL Server environments running SQL Server 2000 and later editions.
DbProtect, from Trustwave, is a robust and easy-to-use centralized real-time database activity monitoring and security auditing tool that helps organizations control their database security processes in a more intelligent and efficient way. DbProtect's key capabilities are identifying missing patches, misconfigurations, excessive user privileges and suspicious activities. It identifies the vulnerabilities of any database and prioritizes vulnerability remediation through risk analysis, which ensures that the most imminent threats are dealt with quickly.
It helps identify inappropriate access, monitors privileged user activity and provides alerts about unusual or suspicious behavior. Also, it provides monitoring templates for SOX, PCI-DSS, NIST 800.53, DISA STIG, HIPAA, and more. DbProtect includes an analytical dashboard that provides a bird's-eye view of your security posture. You can also use it to send scheduled email reports that contain information about security vulnerabilities to appropriate recipients. It is compatible will all editions of SQL Server.
ApexSQL Audit is another tool that monitors, audits and provides alerts on SQL Server user activity and data changes. It captures and stores all information about SQL Server activities such as schema changes, security changes, login information and detailed information about the event that can help you determine who did what, when and how on any SQL Server instance. This information is useful to quickly identify unauthorized or malicious changes that occurred on your SQL Server instance. All data that is captured is stored in a central, easy-to-manage repository.
You can export the audit data in plain text, PDF or Microsoft Excel format. ApexSQL also has the ability to generate full audit reports with details about each audited operation. ApexSQL can audit all databases including contained databases and FileTable changes. Moreover, ApexSQL Audit is compatible with all editions of SQL Server; in fact, it is the only tool that supports auditing for databases hosted on the SQL Azure database.
About the author:
Basit Farooq is a lead database administrator, trainer and technical author. He has more than a decade of IT experience in development, technical training and database administration on Microsoft SQL Server platforms. Farooq has authored numerous SQL Server technical articles. He has also developed and implemented many successful database infrastructure, data warehouse and business intelligence projects.
Learn about Azure SQL database's new feature, row-level security
Find out how Transparent Data Encryption protects data at rest