Database security with SQL Server ! PAM

As such, organisations can now securely manage, monitor, record and audit database administrators’ access to SQL Server environments. This gives greater control over appropriate privileged user activity and enables users to more quickly and effectively identify suspicious behaviour.

One Identity is the first privileged access management (PAM) vendor to audit SQL Server and Azure SQL Database connections by native client support.

According to the company, database security, and securing privileged access in SQL server environments is more important than ever.

Cyber criminals are looking for access to privileged or administrative accounts because once inside they can gain access to an organisation’s most sensitive data and systems.

One Identity states, thousands of organisations worldwide rely on SQL Server databases to store highly sensitive information, from core business software to customer and employee information, making administrative access protections critical.

The company states that if a database administrators’ credentials and access is not properly managed and monitored, sensitive data within the database, as well as within other systems, could be exposed.

“Key to protecting these assets is ensuring that database administrator access and activity is fully monitored and managed in order to quickly identify suspicious commands and potential security threats.

One identity launched native support for recording SQL Server and Azure SQL Database sessions in Safeguard to help organisations increase database security to protect their most sensitive and valuable information.

As for securing privileged access, One Identity states its Safeguard solution makes administrative access to SQL Server and Azure SQL Database fully managed, controlled and audited.

The integrated solution includes a secured and hardened password vault, a real-time session monitoring and recording and privileged behavior analytics.

These features are designed to mitigate threats while providing database administrators with the access they need to complete their job functions, the company states.

Security of SQL Server environments can be further improved with two-factor authentication solutions, an integration with third party authentication and authorization systems with plugins or storing SQL passwords in the vault, according to One Identity.

Safeguard also features integrations with backend user management systems, such as Microsoft Active Directory or LDAP, with policy-based access enforcement and credential management.

Session monitoring and recording gives organisations real-time and historic visibility into the data and systems that database administrators access.

Audited sessions are encrypted, timestamped and stored in a trail file for tamper-proof evidence of actions taken throughout each session. Organisations can also execute commands, such as initiating security alerts, in near real-time when a risky command is observed.

Additionally, Safeguard serves as a proxy, inspecting application-level protocol traffic and can reject any traffic in violation of that protocol.

This ensures organisations can leverage their existing database tools and processes to access SQL environments, eliminating the need to increase security or changing the way users gain access to SQL environments.

Microsoft Azure Marketing senior director Wisam Hirzalla says, “Due to the critical data stored in SQL environments both on-premises and in the cloud, ensuring only authorised users get access is critical to data protection.

“One Identity Safeguards monitoring capabilities work natively with both SQL Server on-premises and Azure SQL Database to ensure only authorised users gain access.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s