IDERA, a provider of database lifecycle management solutions, has added capabilities in the latest version of its SQL Secure product, including the ability to run new security and permission checks against extensive audit rules, eliminating vulnerabilities and decreasing risk.
According to IDERA, the need for higher security measures is being driven by recommendations for security best practices and the fact that the cost of data breaches is soaring. IDERA cites data industry data that the average cost of lost or stolen records in a data breach is now estimated at more than $158 per record, and points out that regulatory requirements are becoming more stringent. Because of this, it says that companies that are concerned about data breaches must have both proactive as well as reactive strategies in place. Adding to the pressure, IDERA noted, is a recent FBI warning that urged organizations to implement the principle of “least privilege” for database accounts, limiting users’ access to the bare minimum set of resources required to perform business tasks, with access only given to the specific tables an account requires to function properly.
To help address these concerns, IDERA has added a new automated server registration process in SQL Secure that supports management of the security settings of multiple SQL Servers. In addition, server group tagging functionality allows DBA teams to view and manage security policies across multiple SQL Servers using user-defined groups such as department, line of business, region or application. There are also nine new security audit rules for risk assessment enable broader database access checks, configuration checks and permission checks.
According to Robert Anderson, vice president of product management at IDERA, SQL Secure provides a proactive SQL auditing approach to help DBA teams avoid the tedious and error-prone processes of using scripts and spreadsheets or general purpose native tools to track security and permissions and then handing off those results to auditors.
The latest release of IDERA’s SQL Secure provides features for activity tracking, activity/risk forensics, risk response with near real-time alerting for response and accountability, risk mitigation with visibility into elevated rights and what users are capable of doing, as well as general accountability with the right forensic tools in place for daily reporting and auditor expectations
For more information on IDERA SQL Secure, visit www.idera.com/productssolutions/sqlserver/sqlsecure/overview.