MONITOR, AUDIT, AND ALERT ON SQL SERVER USER ACTIVITY AND DATA CHANGES
SQL Compliance Manager is a comprehensive auditing solution that uses policy-based algorithms to track changes to your SQL Server objects and data. SQL Compliance Manager gives you detailed visibility to determine who did “what”, “when”, “where”, and “how”, whether the event is initiated by privileged users or hackers. SQL Compliance Manager also helps ensure compliance with regulatory and data security requirements such as SOX, PCI, FERPA, and HIPAA. SQL Compliance Manager goes beyond traditional auditing approaches by providing real-time monitoring, alerting, and auditing of all data access, selects, updates, schema modifications and permission changes to SQL Server databases.
WHY SQL COMPLIANCE MANAGER?
Data security and regulatory compliance requirements have become increasingly stringent. As a result, DBAs are tasked with the monumental job of providing an accurate audit trail of SQL Server activities such as database access, update actions, schema changes, and security changes. Unfortunately, auditing and reporting this information can often require weeks or months of custom development or in some cases the employment of a full-time DBA staff to provide scheduled or on-demand reports to auditors. SQL Compliance Manager eliminates this overhead by providing real-time monitoring, alerting, and auditing of SELECT statements (including column level granularity), DML, schema changes, permissions, and logins, giving quick, easy, accurate, and trusted answers to what has transpired on your servers. SQL Compliance Manager provides the best SQL Server auditing, alerting, and reporting solution which ensures all server access and exceptions are tracked to comply with internal and external audits. Furthermore, to ease the research and configuration required to comply with HIPAA, FERPA, SOX and PCI, SQL Compliance Manager delivers templates with pre-configured audit settings that align with regulatory citations.
PRODUCT HIGHLIGHTS
- Audit Sensitive Data – Get detailed visibility of who did what, when, where and how
- Improve Visibility – Web-based dashboard simplifies access from any browser
- Track and Detect Changes – Monitor and audit all data access, failed logins, and schema and permission changes
- Uncover Security Threats – Customize alerts and be notified of suspect activity by privileged users or hackers
- Quickly Satisfy Audits – Demonstrate compliance with built-in PCI, HIPAA, FERPA and SOX templates
- Easily Generate Reports – Deliver over 25 out-of-the-box reports to validate SQL Server audit trails
- Minimize Overhead – Reduce impact on audited servers via a lightweight data collection mechanism
KEY BENEFITS
Continuous, Flexible Auditing
SQL Compliance Manager goes beyond traditional auditing approaches by providing real-time monitoring and auditing of all data access, updates, data structure modifications and changes to security permissions. The type and detail of audit data collected is highly configurable and may be defined at the server, database and object level. No changes to applications or production databases are required.
Immediate notification of suspect activity
SQL Compliance Manager can be configured to alert DBAs of suspect server activity, either via e-mail or the event log. The alerting engine includes powerful features such as flexible alert definition, alert templates, custom messaging, and alert reporting, and alerts can be applied across the board, or to specific servers, databases, or tables, for more fine-grained control.
Minimal performance impact
SQL Compliance Manager employs a very efficient, low-overhead data collection mechanism to minimize impact on audited servers. A lightweight agent monitors the SQL Server extended events files, collects the audit data and sends it back to the repository. SQL Compliance Manager does not use high-overhead approaches that can impact server performance such as profiling, ‘heavy’ tracing options or log scraping.
Powerful reporting and analytics
SQL Compliance Manager provides ‘out of the box’ reports to address a broad range of auditing and security reporting needs. These reports were developed in conjunction with industry experts in security, compliance and auditing policies, such as Ernst and Young and Information Shield Inc. All reports may be easily customized, plus the user-friendly schema of the audit data repository enables rapid development of ad-hoc queries and reports for detailed forensic analysis.