Database Administrator at a insurance company with 10,001+ employees
Real User
2018-08-05T06:48:00Z
Aug 5, 2018
Auditing. We mainly use it to follow up on changes to the individual databases. We audit exactly what the database administrators are doing. Those are the main two points. In some situations, we have the need to really audit everything that happens on a certain table, if there is any highly critical information there. We follow no particular regulation criteria. We have an individual catalog of potential issues, and we have a template that we are using. We did a risk assessment, and we identified several points that have to be checked by Compliance Manager and several other tools. We also use SQL Secure from IDERA. We established some custom counters in Diagnostic Manager, for example, to check certain parameters, just to make sure that everything is working as intended by us.
What is database security? Database security consists of a range of security controls, tools and practices designed to protect the database management system (DBMS). There are several security measures your organization should implement, from protecting the physical infrastructure holding the servers to securing the network and access to the data.
Database security tools and practices should protect:
Data inside the database
The database management system
Data in transit from and to...
Our primary use case for this solution is for controls, which we deploy on-premises.
It is mainly used to monitor and audit all SQL Servers, and data is being used by our Internal Audit team for SOX auditing.
We mostly use it so we can audit if a non-admin does something to a database.
We use it for auditing requirements. We also use it to identify activities, see what is going on, who is connecting.
Auditing. We mainly use it to follow up on changes to the individual databases. We audit exactly what the database administrators are doing. Those are the main two points. In some situations, we have the need to really audit everything that happens on a certain table, if there is any highly critical information there. We follow no particular regulation criteria. We have an individual catalog of potential issues, and we have a template that we are using. We did a risk assessment, and we identified several points that have to be checked by Compliance Manager and several other tools. We also use SQL Secure from IDERA. We established some custom counters in Diagnostic Manager, for example, to check certain parameters, just to make sure that everything is working as intended by us.