Shulou(Shulou.com)06/01 Report--

Database audit-Auduit for Netwrix SQLSever is the first choice

Database audit concept

Audit, known as "audit" in English, checks and verifies the accuracy and completeness of objectives in order to prevent false data and fraud, as well as compliance with established standards, benchmarks and other audit principles.

Information technology audit is an inspection within the control of information technology (IT) infrastructure. Information system audit is through the collection and evaluation of audit evidence, the process of judging whether the information system can protect the security of assets, maintain the integrity of data, effectively achieve the objectives of the audited unit, and make efficient use of the organization's resources.

As an important part of information security audit, database audit is also an important part of the security of database management system. Through the audit function, all operations related to database security can be recorded. As long as the audit records are tested, the system security officer can grasp the usage of the database. For example, check the access mode of the entity in the library and monitor the behavior of the specified user. The audit system can track all the operations of users, which also makes the audit system have a deterrent power to remind users to use the database safely.

Database audit legislation

Sections 302 and 404 of the Sarbanes-Oxley Act (2002Sarbanes-Oxley Act) emphasize strengthening corporate governance through internal control, including strengthening the internal control of the IT system related to financial statements. Among them, the internal control of the IT system is oriented to specific business, which closely revolves around the core of information security audit.

"Enterprise internal control norms-basic standardized internal audit mechanism", China's Sarbanes Act, puts forward that improving internal audit institutions and strengthening internal audit supervision is an important guarantee for creating a law-abiding, fair and honest internal environment. The enterprise should strengthen the internal audit so as to form a good atmosphere in which the right must be responsible and the use of power is subject to supervision.

ISO7498 "Information processing Systems Open system Interconnection-basic reference Model" part II Security Architecture points out in "General description of Security Services and Security mechanisms" that security audit trail provides a security mechanism that can not be ignored, and its potential value lies in that security vulnerabilities can be detected and investigated after security audit. Safety audit is an independent evaluation and examination of the records and behavior of the system. the purpose is to test whether the control of the system is appropriate, to ensure that it is consistent with the accumulation of established strategies and operations, and to help to make damage assessment. and evaluate the changes specified in controls, strategies and procedures. Security audit requires recording information about security in the security audit trail, analyzing and reporting the information obtained from the security audit trail. Such logging or recording is considered as a security mechanism and described in this article, while analysis and reporting are regarded as a security management function.

"computer information system security level protection database management technical requirements" is one of a series of standards for computer information system security level protection technical requirements. This paper describes in detail the security technical requirements of the database management system for computer information systems to achieve the security level protection requirements put forward by GB17859, and the measures taken to ensure that the security functions realized by these security technologies achieve their due security. It clearly requires in the "Database Security Audit":

The security audit of database management system should establish an independent security audit system; define audit events related to database security; set up special security auditors; set up a security audit database dedicated to storing database system audit data; provide tools for security audit settings, analysis and access to database systems.

NetWrix is a company that specializes in IT auditing. Founded in 2006, headquartered in Irvine, California. As Microsoft's global gold partner, we are committed to auditing the IT environment on the WINDOWS platform. It is one of the top 100 software manufacturers in the world. Designed to provide a complete visibility IT infrastructure and enhance IT security with philosophical theory, simplify IT compliance and optimize IT operations. Simplify work for IT. Audit products supported by Netwrix now include NetWrixAuditor for AD,NetWrix Auditor for Exchange,NetWrixAuditor for File Server,NetWrixAuditor for SQL Server,NetWrixAuditor for Vmware,NetWrix Auditor for Windows Server,NetWrixAuditor for SharePoint,NetWrixAuditor for EMC.

Database audit is an important part of any data security strategy. Companies must audit their databases to prevent the most valuable data from leaking, meet regulatory standards, and ensure that the data is available to applications and users within 724. The Netwrix SQLServer audit tool simplifies SQLServer audit and reporting, thereby helping businesses ensure that their critical data is protected from unauthorized access.

Strengthen the security of SQL Server by detecting and investigating suspicious changes

Control all changes on the SQL Server in a timely manner, such as creating or deleting database user accounts, permissions for specific databases, tables, or stored procedures. Quickly detect all inappropriate behavior that may put data at risk. Investigate events by using interactive search and figure out how to prevent similar incidents from happening again in the future.

Gain control of SQL Server internal activities and demonstrate compliance

Demonstrate to internal and external auditors that all changes in the SQL Server environment are traceable and can quickly answer questions such as how the schema of tables such as who deleted the production-side SQL database or the production-side SQL database was modified. For historical electronic query and compliance purposes, SQL Server security audit data can be retained in an integrated, two-tier storage (file-based + SQL-based data) for more than 10 years.

Prepare SQL Server change reports with less effort and faster

Overcome the limitations of SQL Server Trace's limited audit and reporting functions. Instead of manually processing large amounts of raw data, you can access predefined audit reports and dashboards to give you a comprehensive understanding of the details of each change in an easy-to-read format, making it easy for you to filter and sort. Interactive search engines can easily extract the audit data you need.

Attachment: http://down.51cto.com/data/2368302

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.