Simple Audit Solution Provides Tight Security
A reader highlights his favorite product: Audit DB.
October 18, 2005
Three years ago,Andre Alicea wasn't looking for a security package. He simply wanted a way to track his small team's database changes. What he found was Lumigent Audit DB; what he got was a simple solution that has grown into an airtight, automated security solution that protects his company's client data and simplifies his daily life.
Alicea is the Manager of Database Administration for a company that provides accident-management and driver-safety services for the fleet industry. His company's clients are organizations such as large corporations or trucking companies that keep fleets of cars or trucks and self-insure those vehicles. When drivers of these fleet vehiclesget into accidents, Alicea's company refers them to repair facilities and arranges interim transportation. In addition, Alicea's company helps clients keep insurance costs down by providing motor vehicle record checks to identify risky drivers and steering those people toward driver-training courses.
To support these services,Alicea's company uses proprietary software and Web applications. His SQL Server shop contains about 20 development, test, and production servers, and Alicea oversees all database-related processes in the shop, from backup and disaster recovery to database development to software developer assistance. Before Alicea's purchase of Audit DB (formerly known as Entegra) three years ago, "there wasn't a focus on IT security protocols," he says."We weren't looking to plug a particular hole. We just wanted a product to audit the system for any unauthorized changes."
He chose Audit DB because it provides comprehensive monitoring and auditing of data access and modifications.The product tells you what data has been accessed by what user or application, how the data was modified and when, and who has viewed certain data. With this information, you can meet internal auditing and operations requirements for data management and support internal data security and privacy policies. You can also comply with government regulations for data access.
Audit DB uses low-impact data agents to audit target servers. These data agents harvest information about database activity and can generate alerts to let you know about login activity and changes to database structure and permissions. Designed for easy administration across the enterprise, the product provides simple scheduling and configuration of data agents from a single console across databases and database platforms.Then, the product archives audit data in structured repositories for easy analysis and reporting.
After implementing Audit DB, Alicea found he was ahead of the game as public scrutiny of security protocols became more prevalent. "We aren't subject to any government auditing," he says,"but we do deal with lots of sensitive data such as driver information and history.When we first got the product, we didn't have a way to identify who did what when. Now, people know their actions are monitored."
Alicea believes that because he's in a small shop, he doesn't face some of the kinds of security-breach problems that larger companies have to deal with. But his team takes security seriously, and Audit DB has become the foundation for a tight security application.
Alicea says the product's biggest benefit is that he doesn't have to monitor it every day."With a tool like this, the less you see of it, the better," he says. He knows the tool is doing what it's supposed to, so he's free to get on with all the other parts of his busy day.
About the Author
You May Also Like