Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

Protect and Monitor

By Steve Jones,

Keeping your database secure is something that every DBA strives for, and I think every manager expects to just happen. Even when they don't want to implement your stringent procedures, or want you to short cut a process to "get something done, " it seems managers and users still expect that your data will be secure.

So what can you do? Do your best, is really all you can do. Learn about security, try to follow best practices, and follow your own procedures, even when they are a pain. What does that mean? I wish I had a detailed security guide for you, and I'm working to get one set up.

I ran across this article from eWeek recently that talks about how to monitor and protect your databases. As with most mainstream articles, it's got just general information about what you should do, but there was one item I wasn't sure what to think about. There are three things they recommend, and the third piece of advice was to monitor access to your databases in real time.

Real time? Detect all access to sensitive information? Apparently the author of this article has never seen a Profiler trace and the amount of information that can be captured. SQL Server 2008 gives us more auditing capabilities, but still setting up an auditing system is a complex process. And I'm not sure there is some easy way to set up real-time monitoring and alerting that would allow you to respond to inappropriate access.

From what I can imagine a system to look like, you really need a real-timeĀ  SSIS package running and moving auditing data through some data mining system to determine if there is a need to respond to some action. That's something I'm not sure is easily built with the current tools. And if it's not easily built, it's often not implemented, or not done well. Neither of which makes for an effective solution.

The next evolution in auditing is making the system able to easily audit changes in data and then alert someone to take a look, either in real time or queued up for later perusal. I'm not sure when this will get added to SQL Server, but it's something that is needed to ensure that effective auditing can be built into applications.

Steve Jones


The Voice of the DBA Podcasts

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. Comments are definitely appreciated and wanted, and you can get feeds from there.

You can also follow Steve Jones on Twitter:

Overall RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

I really appreciate and value feedback on the podcasts. Let us know what you like, don't like, or even send in ideas for the show. If you'd like to comment, post something here. The boss will be sure to read it.

 
Total article views: 301 | Views in the last 30 days: 1
 
Related Articles
ARTICLE

Auditing

For this Friday poll, Steve Jones asks about your auditing requirements.

ARTICLE

Podcast Announcements

Podcast Feeds

ARTICLE

Regular Audit Analysis

This Friday Steve Jones asks about how you handle audit data in your environment. Do you regularly a...

BLOG

Podcasting

A new video setup is on the way!!!! Actually I'll do a couple podcasts on podcasting over the hol...

FORUM

Podcast Problem

Podcast Problem Blocked by group policy

Tags
auditing    
editorial    
security    
 
Contribute