DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports
Events Video Library
Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
View Events Video Library
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

Integrating PostgreSQL Databases with ANF: Join this workshop to learn how to create a PostgreSQL server using Instaclustr’s managed service

Mobile Database Essentials: Assess data needs, storage requirements, and more when leveraging databases for cloud and edge applications.

Monitoring and Observability for LLMs: Datadog and Google Cloud discuss how to achieve optimal AI model performance.

Automated Testing: The latest on architecture, TDD, and the benefits of AI and low-code tools.

Related

  • How To Use SQL To Analyze and Visualize Data
  • NULL in Oracle
  • Supercharging Data Analytics With SQL in S4 HANA and Domo: A Machine Learning Perspective
  • SQL Query Performance Tuning in MySQL

Trending

  • Log Analysis: How to Digest 15 Billion Logs Per Day and Keep Big Queries Within 1 Second
  • Deploy Like a Pro: Mastering the Best Practices for Code Deployment
  • Vector Database: A Beginner's Guide
  • Edge Data Platforms, Real-Time Services, and Modern Data Trends
  1. DZone
  2. Data Engineering
  3. Databases
  4. Dealing With Regulation: Audit and Compliance in SQL Server

Dealing With Regulation: Audit and Compliance in SQL Server

Whatever the regulations in your industry, compliance is always a pain and auditing is never a good time. Fortunately, Redgate's been working on a few solutions.

Jonathan Roberts user avatar by
Jonathan Roberts
·
Apr. 11, 17 · Tutorial
Like (0)
Save
Tweet
Share
3.29K Views

Join the DZone community and get the full member experience.

Join For Free

In Foundry – Redgate’s research division – we’re focused on exploring new products and technologies for the Microsoft data platform. Over the last few months, we’ve been taking a close look at the problems people face when auditing and meeting regulatory compliance for SQL Server.

An Introduction to Compliance and SQL Server

Our research has given us some interesting problems to explore and we’d like to get your input: you can help us out and influence what we do next by filling in this survey (and being in with a chance to win $100), or having a look at our prototypes.

What's It Like to Be Audited?

We’ve been out and spoken to people around the world who are working to achieve and maintain compliance; database professionals, internal compliance managers, and external consultants. During these conversations, we’ve heard about a plethora of regulations in great detail.

We’ve learned about security standards (including ISO27001 and PCI-DSS), about auditing accountability (such as SOX and JSOX), about financial regulatory frameworks (like BASEL3), and about regulations for handling personally identifiable information both generally (GPDR), and in healthcare (HIPAA and IG).

And through all these conversations we’ve come to understand that there’s not a great deal of built-in support for people working on the Microsoft data platform carrying out these audit and compliance activities.

We’ve identified six activities that Redgate could help with, and produced an interactive concept to illustrate a potential solution for each.

Audit and Compliance Activities

Trace User Access to Resources and Data

UI for tracing user accessAudit the users and groups that have access to specific resources across your organization

This feature demonstrates tracing access to a database object across the Active Directory boundary and results in the generation of a PDF report – a common exercise and form of evidence produced during an audit. Try the user access trace demo.

Discovering Unsatisfactory Server Configuration and Patch Level

UI for detecting server config that impacts complianceAudit your machines and SQL Servers to understand configuration settings that compromise your compliance

The state of both the SQL Server and the machine that it’s running on can change over time or become stale. While querying and maintain a single instance can be relatively straightforward, keeping on top of multiple instances and servers can be difficult. Try the server configuration compliance demo.

Fast and Thorough Alerting for Security Issues

UI for getting compliance alertsGet notified when a security incident or potentially compromising activity occurs with the information you need to respond quickly

Even when you have policies in place, it can continue to be a challenge to keep on top of the changes that may undermine your compliance. The compliance inbox actively monitors your resources for events that compromise compliance. Try the compliance alert demo.

Protecting Against the Spread of Personal Data Within Your Organization

UI for protecting production data spreadTrack the use of sensitive production data within your organization

Full production backups are integral to database administration, but once created they can take on a life of their own. Tracking the lifecycle of backing up a database to a fileshare, restoring it to different servers and then backing it up again is not easy. Try the production data protection demo.

Detect and Audit Out-Of-Process Changes

UI for detecting out of process changesReview and catalog changes made outside of your standard process or those without a work-item ticket

A well-documented and understood change management process can fall down when urgent work items need to bypass certain stages. Tying this work back to individual work items when auditing at a later stage can be difficult and time-consuming (searching JIRA for matching timestamps, etc). Try the demo for detecting out-of-process changes.

Detect unauthorized or suspicious activity

UI for capturing SQL queries and detecting anomalous onesFind suspicious or atypical behavior by collecting query metadata data – learn who has run what and when

When audit logs are large, it’s difficult to report on all the activity (see what data was accessed and when), let alone pick out anomalous behavior. Try the SQL query capture demo.

Tell Us About Your Audit Experience and Win $100

We’d really like to hear about your experience with audit and compliance activities in SQL Server. Complete our survey and leave your details to be in with a chance of winning an Amazon gift card worth $100 (or the equivalent in your preferred currency).

Complete the survey to enter the draw. (The survey closes 30 April 2017, and the draw will take place on 1 May 2017.)

About Foundry

Foundry is Redgate’s product research and development division. Based in Cambridge, UK, we’re responsible for delivering the newest products and technology for professionals using the Microsoft data platform. You can find out more about the Foundry team and what it does on our web page, where you can also keep up to date with the latest projects and prototypes, or if you’d like to talk to the team about your audit and compliance projects.

sql

Published at DZone with permission of Jonathan Roberts, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

Related

  • How To Use SQL To Analyze and Visualize Data
  • NULL in Oracle
  • Supercharging Data Analytics With SQL in S4 HANA and Domo: A Machine Learning Perspective
  • SQL Query Performance Tuning in MySQL

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends: