MONITOR, AUDIT, AND ALERT ON SQL SERVER USER ACTIVITY AND DATA CHANGES
Simplify your SQL Server audits. SQL Compliance Manager is a comprehensive auditing solution that uses policy-based algorithms to track changes to your SQL Server objects and data. SQL Compliance Manager gives you detailed visibility to determine who did “what”, “when”, “where”, and “how”, whether the event is initiated by privileged users or hackers. SQL Compliance Manager also helps ensure compliance with regulatory and data security requirements including PCI DSS, DISA STIG, NERC, CIS, GDPR, HIPAA, FERPA, and SOX. SQL Compliance Manager goes beyond traditional auditing approaches by providing real-time monitoring, alerting, and auditing of all data access, selects, updates, schema modifications and permission changes to SQL Server databases.
WHY SQL COMPLIANCE MANAGER?
Data security and regulatory compliance requirements have become increasingly stringent. Data compliance is now considered a “Must-Have,” not just nice to have. As a result, DBAs are tasked with the monumental job of providing an accurate audit trail of SQL Server activities such as database access, update actions, schema changes, and security changes. Unfortunately, auditing and reporting this information can often require weeks or months of custom development or in some cases the employment of a full-time DBA staff to provide scheduled or on-demand reports to auditors.
SQL Compliance Manager goes beyond traditional auditing approaches by providing real-time monitoring, alerting, and auditing of all data access, SELECT statements (includes column level granularity), DML, schema changes, permissions and logins to SQL Server databases, thereby providing quick, easy, accurate and trusted answers to what has transpired on your servers. The monitoring function gives DBAs detailed visibility to determine “who” did “what”, “when”, “where”, and “how”, whether the event is initiated by privileged users or hackers. Alerts can be configured to detect and track potential problems as well as notify you about any inappropriate access attempts.
SQL Compliance Manager also helps IT auditors demonstrate compliance using built-in reporting templates with pre-configured audit settings which align with regulatory citations to address regulatory and data security requirements such as SOX, PCI DSS, DISA STIG, NERC, CIS, FERPA, GDPR, and HIPAA. Flexible filters and settings enable better granularity for generating audit reports. SQL Compliance Manager provides the best SQL Server auditing, alerting, and reporting solution which ensures all server access and exceptions are tracked to comply with internal and external audits.
PRODUCT HIGHLIGHTS
- Track and manage SQL Server database compliance quickly and easily
- Audit servers, databases, and sensitive data to see who did what, when, where, and how
- Monitor and alert on suspicious activity to detect and track potential problems
- Satisfy audits with configurations and reports for multiple regulatory guideline requirements
- Reduce impact on audited servers via a lightweight data collection mechanism
- Web-based dashboard simplifies visibility and reporting for auditors and reviewers
KEY BENEFITS
Continuous, Flexible Auditing
SQL Compliance Manager goes beyond traditional auditing approaches by providing real-time monitoring and auditing of all data access, updates, data structure modifications and changes to security permissions. The type and detail of audit data collected is highly configurable and may be defined at the server, database and object level. DBAs can quickly compare a customized or modified audit configuration against the regulation guidelines or the default settings to verify that the settings are compliant. No changes to applications or production databases are required.
Immediate notification of suspect activity
SQL Compliance Manager can be configured to alert DBAs of suspect server activity, either via e-mail or the event log. The alerting engine includes powerful features such as flexible alert definition, alert templates, custom messaging, and alert reporting, and alerts can be applied across the board, or to specific servers, databases, or tables, for more fine-grained control.
Minimal performance impact
SQL Compliance Manager employs a very efficient, low-overhead data collection mechanism to minimize impact on audited servers. A lightweight agent monitors the SQL Server trace events, extended events, and audit log files, collects the audit data and sends it back to the repository. SQL Compliance Manager does not use high-overhead approaches that can impact server performance such as profiling, ‘heavy’ tracing options or log scraping.
Powerful reporting and analytics
SQL Compliance Manager provides ‘out of the box’ reports to address a broad range of auditing and security reporting needs and demonstrate compliance to multiple industry regulations. These reports were developed in conjunction with industry experts in security, compliance and auditing policies, such as Ernst and Young and Information Shield Inc. Extensive filtering options make it easy to customize the built-in reports to include specific user or server activity, such as trusted and privileged users. The user-friendly schema of the audit data repository enables rapid development of ad-hoc queries and reports for detailed forensic analysis.