SQL COMPLIANCE MANAGER
- Audit sensitive data to see who did what, when, where, and how
- Monitor and alert on suspicious activity to detect and track problems
- Satisfy audits for PCI, HIPAA, FERPA, and SOX requirements
- Select from over 25 pre-defined compliance reports and create custom views
- Lightweight data collection agent minimizes server impact
- Web-based dashboard simplifies access from any browser
Audit sensitive data
Comply with regulatory standards by auditing the most sensitive data contained in your databases, right down to the column level. Determine where sensitive data resides and add this data and columns to the audit wizard.
Stop potential threats
Track access and changes to databases, alert on failed log-ins, and customize alerts to notify of activities that could cause harm to your SQL Server environment.
Pass audits with ease
Templates for PCI, SOX, HIPAA, and FERPA help you meet compliance requirements. A simple wizard helps add these compliance regulations to your audited SQL Server objects with preset auditing settings aligned to over 16 regulatory citations.
Design and export views from the web dashboard to easily create custom reports and choose from over 25 pre-defined compliance reports for detailed auditing. Pre-defined reports were developed in partnership with auditing experts to address critical security auditing & compliance reporting requirements. The Microsoft Reporting Services reports are available in the Console or can be easily deployed to SQL Reporting Services and customized if needed.
Keeping an eye on SQL servers shouldn’t bring down your SQL enterprise. Using SQL Compliance Manager maintains a watchful eye on SQL servers without performance impact implications.
The web dashboard provides easy access to audit and compliance information from any web browser. Explore audited SQL Servers, configure and manage alerts and event filters, view and search activity and change logs, access audit reports, and more. The activity report card and audited instances widgets provide at-a-glance summaries of top audit activities and concerns.
Easily apply the right auditing settings to your servers and databases for Payment Card Industry (PCI), Family Educational Rights and Privacy Act (FERPA), Sarbanes Oxley Act (SOX), and Health Insurance Portability and Accountability Act (HIPAA) regulations. Extensive research is no longer required as you can simply define the objects and apply the (out-of-the-box) customizable templates.
Audit & Alert on Sensitive Columns
Audit any combination of columns and track who has issued “SELECT” statements against any table whether they are end-users or privileged users. Additionally, you can be alerted when any combination of columns are accessed.
Audit data changes on any table so you can compare before and after data values resulting from inserts, updates and deletions.
Audit Privileged Users
Allows you to include user-defined events (custom SQL Server event types) selected from a list in audited activities. You can audit, alert on, and filter user-defined events. Privileged user auditing is key to ensure all access to databases can be tracked and reported.
Low-overhead Data Collection
A lightweight agent captures data from the SQL Server trace files in real-time and extracts the selected events for auditing. The data collected is saved to the repository in scheduled batches.
Tamper-proof Audit Data Repository
Guarantees the integrity of audit data by providing an immutable repository – any attempts at changing or tampering with the audit data can be detected. In addition, powerful self-auditing features capture and alert on all changes to auditing policies and data collection parameters.
Users can be granted auditor privileges only. Users in the auditor role have read-only permission. This supports report and query execution as well as self-audit, integrity reporting, and alerting of changes to SQL compliance manager configuration and data collection parameters.
Powerful filtering capabilities enable you to collect only what is important for audit and compliance; reducing data collection, transmission and storage overhead.
Provides customized alerting for over 200 specific SQL Server Event types, allowing you to define rules to receive immediate notification when critical SQL server events occur. These events are stored in the audit repository, can be emailed directly to a user and/or written to an event log that feeds an in-house operations monitor system (e.g. SCOM).
Configure multiple event threshold levels and set alerts. Be alerted through email, windows event log, or SNMP when they are exceeded.
Supports comprehensive auditing of database events. For example, events can be captured for data changes resulting from INSERT, UPDATE, or DELETE activity on tables, or additional application context can be included within your audit trail.
User-Defined Event Auditing
Allows you to include user-defined events (custom SQL Server event types) selected from a list in audited activities. You can audit, alert on, and filter user-defined events.
Central Management Console
With the flexibility to utilize both a Windows or web-based console, SQL Compliance Manager provides enterprises multiple options to deploy and manage compliance based on their IT environment and needs. This enables rapid configuration and deployment of SQL compliance manager agents as well as real-time monitoring of agent activity and the audit data stream. This makes it easy to manage and track audit activity over a large number of servers.
Guided Instance Install
Guided installation wizard makes registering new SQL Server instances with SQL Compliance Manager fast and easy. This ensures permissions and rights are set correctly to monitor the new instance.
Central Data Repository
A central repository houses all audit data. The published, user-friendly repository schema enables easy development of queries and custom reports. In addition, multiple repositories may be used where required for security partitioning purposes.
Dynamic Deployment Technology
Automatically deploys and configures the SQL compliance manager agents, enabling rapid deployment and eliminating the need for time consuming software installs on your SQL servers.
Efficient Data Archive
Built-in archiving mechanisms enable archiving to be scheduled on any frequency and archives can easily be restored to the current audit data repository or a separate repository. Additionally, you can easily leverage SQL safe, IDERA’s high-performance backup solution, to compress and encrypt audit data archives.
Availability Group Support
Automatically switches the auditing from primary to the secondary replica in the event of failure as well as failback to primary when it comes back online. No loss of audit data trail in the event of failure.