When you are responsible for the integrity of your database — be it banking information, insurance details, or customer information — the threat of a data breach can keep you awake at nights. Data integrity and security breaches have increasingly become front- page news and a chronic headache for IT professionals.
If you had to produce a history of every record change in a database, could you do it? If the bank you work for is involved in accounts litigation, could you produce a forensic analysis of an account record and what values it contained at any given moment? Your ability to prove that a record had certain values and when it had those values can make or break a case in litigation.
Data security is often left to corporate programmers who create solutions specific to their applications. These solutions demand maintenance—an ongoing cost for the organization. Database providers can offer features with which you, as a programmer, can implement data recording. But these features are reserved for enterprise editions of those databases, and they come with the enterprise price tag that very quickly runs into 6 or 7 figures for systems such as Oracle, Microsoft SQL Server, and IBM’s DB2.
dbDefend's product, dbAudit, offers data recording for any size database. dbAudit uses the intrinsic technologies that come with all major database management systems and can, therefore, be easily and quickly adapted to your database. dbAudit is specifically designed to implement requirements of the Sarbanes-Oxley Act and HIPPA insurance requirements.
dbAudit is designed from the ground up to adhere to a strict set of rules. dbAudit is extensible, incorruptible, secure, centrally managed, failsafe and forensically sound. The system doesn’t have a single bottleneck and adjusts to future demand. The system is meta-data driven and completely parameterized. dbAudit can monitor all present and future applications because it resides with the Database and not with any application.
Features of dbAudit
Oracle, Microsoft SQL server, DB2, Sybase, MySQL, MariaDB, PostgreSQL, HANA, Teradata
- Create a history of single records. dbAudit tracks every event that occurs to sensitive records in your database (INSERT, UPDATE, or DELETE) making it easy to audit the trail of a record from creation to termination or archiving.
- Report WHO/WHAT/WHERE/WHEN made the change to each record
- (new!) Optionally block any transaction that attempts to alter data above a configurable limit (X number of records, or Y percent dollar amount increase).
- Restore a single data record. With the data browser in dbAudit, you can choose exactly what version of a record should be restored to the production database.
- Restore a single table. You can restore single tables, or all the tables, to the production database.
- Restore a point in time. With dbAudit’s restore feature, you can restore an entire database to a date and time you specify.
- Produce a forensic analysis. All data captures receive a timestamp, which you can use to document the sequence of change events for each user and workstation.
- Store data long-term. You can export historic data into immutable, encrypted files for later review or for use in forensic investigations.
- Use templates for data capture. dbAudit provides application-specific templates that you can use to capture data from the database. No need to know which of the 86000+ tables that an SAP installation includes are worth auditing. You can customize these templates for a specific application your company uses. In addition, you can set capturing criteria for these templates, set rules that will flag certain data, and send alerts to specific personnel when data is flagged.
- Furnish delta data. dbAudit captures everything from single table columns, to all table columns, to all tables of the database. With this information, you can provide delta data for processing in a data warehouse.
- Integrate custom applications. With the API feature of dbAudit, you can integrate the auditor into your own custom applications.
- Reporting. of all sensitive record changes, including summaries by date/time with the ability to drill-down to individual events