Whitepaper : Top Five Items to Audit in SQL Server
SQL Server provides robust capabilities to monitor itself, and it can be easy to be overwhelmed with the choices presented through catalog or dynamic management views, extended events, server-side traces (for older versions of SQL Server), or performance counters. That is true on the security side as well.
This whitepaper presents the top five items you should be auditing on all of your SQL Servers, and how to do them. Keeping an eye on these items will help you verify database security and access to your environment. They are: Who has administrative access to SQL Server? Who has been granted CONTROL and IMPERSONATE permissions? Who are the database owners? What are the respective database permissions? What failed logins are you getting on your SQL Servers?
Author: K. Brian Kelley
Share This:
K. Brian Kelley is a SQL Server author, columnist, and Microsoft Most Valued Professional (MVP), focusing primarily on SQL Server and Windows security. In addition to being a database administrator, he has served as an infrastructure and security architect encompassing solutions with Citrix, virtualization, and Active Directory. Brian is also a Certified Information Systems Auditor and has been the head of a computer incident response team of a financial organization. Brian is active in the information technology community, having spoken at DevConnections, SQL Saturdays, code camps, and user groups.
Register to read the full whitepaper.
See Also:
- Whitepaper: Protecting Personally Identifiable Information in Databases
- Whitepaper: What You Need to Know About Compliance Audits
- Whitepaper: Are You Aware of These Database Risks?
- Whitepaper: How to Handle the Complexities of Regulatory Compliance
- Whitepaper: The Trade-off Between Database Security and Database Performance
- Whitepaper: Ensuring the Security of Personally Identifiable Information (PII) within U.S. Federal Government Agencies
- Webcast: Adopting a Compliance & Auditing Mindset
- Webcast: Database Auditing Essentials: Tracking Who Did What to Which Data When
- Webcast: Keep your Healthcare Databases Secure and Compliant
- Webcast: Handling HIPAA Compliance with Your Data Access
- Webcast: IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Premises
- Webcast: IDERA Live | Mitigating Data Risks from Cloud to Ground
- Webcast: 7 Tips and Tricks for Auditing SQL Server
- Webcast: An Introduction to Auditing & Compliance for SQL Server
- Webcast: Auditing SQL Server Using Extended Events
- Webcast: Deploying and Maintaining SQL Server Configuration Standards
- Webcast: Manage SQL Server Security Permissions and Audits
- Webcast: Performing a SQL Server Security Risk Assessment Webinar
Topics :
Database Compliance,
Products :
SQL Compliance Manager,
SQL Server provides robust capabilities to monitor itself, and it can be easy to be overwhelmed with the choices presented through catalog or dynamic management views, extended events, server-side traces (for older versions of SQL Server), or performance counters. That is true on the security side as well.
This whitepaper presents the top five items you should be auditing on all of your SQL Servers, and how to do them. Keeping an eye on these items will help you verify database security and access to your environment. They are: Who has administrative access to SQL Server? Who has been granted CONTROL and IMPERSONATE permissions? Who are the database owners? What are the respective database permissions? What failed logins are you getting on your SQL Servers?
Author: K. Brian Kelley
Share This:
K. Brian Kelley is a SQL Server author, columnist, and Microsoft Most Valued Professional (MVP), focusing primarily on SQL Server and Windows security. In addition to being a database administrator, he has served as an infrastructure and security architect encompassing solutions with Citrix, virtualization, and Active Directory. Brian is also a Certified Information Systems Auditor and has been the head of a computer incident response team of a financial organization. Brian is active in the information technology community, having spoken at DevConnections, SQL Saturdays, code camps, and user groups.
Register to read the full whitepaper.
See Also:
- Whitepaper: Protecting Personally Identifiable Information in Databases
- Whitepaper: What You Need to Know About Compliance Audits
- Whitepaper: Are You Aware of These Database Risks?
- Whitepaper: How to Handle the Complexities of Regulatory Compliance
- Whitepaper: The Trade-off Between Database Security and Database Performance
- Whitepaper: Ensuring the Security of Personally Identifiable Information (PII) within U.S. Federal Government Agencies
- Webcast: Adopting a Compliance & Auditing Mindset
- Webcast: Database Auditing Essentials: Tracking Who Did What to Which Data When
- Webcast: Keep your Healthcare Databases Secure and Compliant
- Webcast: Handling HIPAA Compliance with Your Data Access
- Webcast: IDERA Live | Understanding SQL Server Compliance both in the Cloud and On Premises
- Webcast: IDERA Live | Mitigating Data Risks from Cloud to Ground
- Webcast: 7 Tips and Tricks for Auditing SQL Server
- Webcast: An Introduction to Auditing & Compliance for SQL Server
- Webcast: Auditing SQL Server Using Extended Events
- Webcast: Deploying and Maintaining SQL Server Configuration Standards
- Webcast: Manage SQL Server Security Permissions and Audits
- Webcast: Performing a SQL Server Security Risk Assessment Webinar
Topics : Database Compliance,
Products : SQL Compliance Manager,