IDERA – SQL Secure

IDERA – SQL Secure

Use Cases

DBAs have a heavy load when it comes to ensuring that their SQL Server environment complies with industry regulations such as CIS, DISA STIG, GDPR, HIPAA, NERC, NIST, PCI DSS, and SOX. Without a tool to automate the auditing and reporting, DBAs may spend days or weeks gathering and consolidating the required information.

In this era of data breaches, protecting corporate data from unauthorized access is a high priority. SQL Server DBAs need to ensure that permissions are limited to the right levels for users and groups, and that minimum access is enforced. If any inappropriate access is attempted, the DBA needs to be promptly notified of a potential risk.

It’s also important to ensure that permissions lists are updated regularly, particularly when people leave the organization. DBAs need to show proof that former employees or contractors no longer have access to corporate data, especially anything sensitive or mission critical. Keeping track of changes to database objects, permissions, logins, and group members is difficult when new databases and users are added.

• Identify vulnerabilities in your SQL Server and Azure environments
• Harden security policies across SQL Server and Azure SQL databases
• Rank security levels with the security report card
• Analyze and report on user permissions across database objects
• Comply with audits using customizable regulatory guideline templates

Identify Vulnerabilities

Understand who has access to what and identify each user’s effective rights across all SQL Servers (on premises, private cloud, Amazon EC2 or Azure VM), Amazon RDS for SQL Server, and Azure SQL Database objects.

Set Strong Security Policies

View a complete history of SQL Server security set­tings and designate a baseline to compare against future changes, providing a valuable audit trail for forensic analysis.

Prevent Security Violations

SQL Secure provides an IDERA-defined Level 2 security check for balanced intrusion protection that leverages MSBPA and CIS guidelines, and more. The security report card identifies top security vulnerabilities on your databases and servers. Each security check is categorized as High, Medium, or Low Risk. You can drill into each security check to get more detail.

Analyze User Permissions

Analyze membership to powerful server roles and groups such as administrators, systems administrators, and security administrators to ensure the level of access is warranted. From a group, see the list of group members and select a member for further analysis. From a user, see the group memberships and drill upwards to view inherited permissions.

Security Templates

Choose from templates for CIS, DISA STIG, GDPR, HIPAA, NERC, NIST, PCI DSS, and SOX.