MONITOR, AUDIT, AND ALERT ON SQL SERVER USER ACTIVITY AND DATA CHANGES
SQL Compliance Manager is a comprehensive auditing solution that uses policy-based algorithms to track changes to your SQL Server objects and data. SQL Compliance Manager gives you detailed visibility to determine who did “what”, “when”, “where”, and “how”, whether the event is initiated by privileged users or hackers. SQL Compliance Manager also helps ensure compliance with regulatory and data security requirements including PCI DSS, DISA STIG, NERC, CIS, HIPAA, FERPA, and SOX. SQL Compliance Manager goes beyond traditional auditing approaches by providing real-time monitoring, alerting, and auditing of all data access, selects, updates, schema modifications and permission changes to SQL Server databases.
WHY SQL COMPLIANCE MANAGER?
Data security and regulatory compliance requirements have become increasingly stringent. Data compliance is now considered a “Must-Have,” not just nice to have. As a result, DBAs are tasked with the monumental job of providing an accurate audit trail of SQL Server activities such as database access, update actions, schema changes, and security changes. Unfortunately, auditing and reporting this information can often require weeks or months of custom development or in some cases the employment of a full-time DBA staff to provide scheduled or on-demand reports to auditors.
SQL Compliance Manager goes beyond traditional auditing approaches by providing real-time monitoring, alerting, and auditing of all data access, SELECT statements (includes column level granularity), DML, schema changes, permissions and logins to SQL Server databases, thereby providing quick, easy, accurate and trusted answers to what has transpired on your servers. The monitoring function gives DBAs detailed visibility to determine “who” did “what”, “when”, “where”, and “how”, whether the event is initiated by privileged users or hackers. Alerts can be configured to detect and track potential problems as well as notify you about any inappropriate access attempts.
SQL Compliance Manager also helps IT auditors demonstrate compliance using built-in reporting templates with pre-configured audit settings which align with regulatory citations to address regulatory and data security requirements such as SOX, PCI DSS, DISA STIG, NERC, CIS, FERPA, and HIPAA. SQL Compliance Manager provides the best SQL Server auditing, alerting, and reporting solution which ensures all server access and exceptions are tracked to comply with internal and external audits.
PRODUCT HIGHLIGHTS
- Audit Sensitive Data – Get detailed visibility of who did what, when, where and how
- Improve Visibility – Web-based dashboard simplifies access from any browser
- Track and Detect Changes – Monitor and audit all data access, failed logins, and schema and permission changes
- Uncover Security Threats – Customize alerts and be notified of suspect activity by privileged users or hackers
- Quickly Satisfy Audits – Demonstrate compliance with built-in industry regulatory templates
- Easily Generate Reports – Deliver over 25 out-of-the-box reports to validate SQL Server audit trails
- Minimize Overhead – Reduce impact on audited servers via a lightweight data collection mechanism
KEY BENEFITS
Continuous, Flexible Auditing
SQL Compliance Manager goes beyond traditional auditing approaches by providing real-time monitoring and auditing of all data access, updates, data structure modifications and changes to security permissions. The type and detail of audit data collected is highly configurable and may be defined at the server, database and object level. No changes to applications or production databases are required.
Immediate notification of suspect activity
SQL Compliance Manager can be configured to alert DBAs of suspect server activity, either via e-mail or the event log. The alerting engine includes powerful features such as flexible alert definition, alert templates, custom messaging, and alert reporting, and alerts can be applied across the board, or to specific servers, databases, or tables, for more fine-grained control.
Minimal performance impact
SQL Compliance Manager employs a very efficient, low-overhead data collection mechanism to minimize impact on audited servers. A lightweight agent monitors the SQL Server trace events, extended events, and audit log files, collects the audit data and sends it back to the repository. SQL Compliance Manager does not use high-overhead approaches that can impact server performance such as profiling, ‘heavy’ tracing options or log scraping.
Powerful reporting and analytics
SQL Compliance Manager provides ‘out of the box’ reports to address a broad range of auditing and security reporting needs and demonstrate compliance to multiple industry regulations. These reports were developed in conjunction with industry experts in security, compliance and auditing policies, such as Ernst and Young and Information Shield Inc. All reports may be easily customized, plus the user-friendly schema of the audit data repository enables rapid development of ad-hoc queries and reports for detailed forensic analysis.