Log Fidelity Corp.

LogClarity® Database Edition Overview

Logging, monitoring and reporting access to Critical Information on Database Servers is not only a good security practice, but is now a huge focal point for every regulatory initiative on the planet.

Customer confidence is the lifeblood of every company so protecting their interests and maintaining their loyalty is paramount. Relying on luck and hoping for the best when it comes to protecting their livelihood is like playing Russian roulette with the company’s future.

A large portion of critical information is typically contained inside database servers. All compliance standards share a unifying requirement: the protection and monitoring of critical information. Critical information, as stated by the Government legislative bodies, is:

Confidential Information

These mandates are very specific about the repercussions to the company that houses the confidential information if a breach of security has occurred and confidential information was compromised or stolen. The legislation states that if confidential information has been compromised or stolen, the organization that had the breach must disclose to the affected parties that their personal information was stolen or was possibly stolen. In either case, it is safe to say the results are not favorable. Neither of these situations is the best PR announcement the organization can make, and it will further damage the organization’s credibility with the affected parties and the general public.

Not logging and monitoring database servers that contain this vital information is a large risk not worth taking. The organization’s reputation will suffer, and imminent customer dissatisfaction will result in lost business and a tarnished reputation.

Who is likely to attack your systems?

The US Secret Service and Cert.org have been working together, gathering data and researching the behavior of today’s hackers. Today’s hacker is most likely to be a former technical employee who gains access to exploit system vulnerabilities, according to Cert.org, the Internet security research center run by the Software Engineering Institute at Carnegie Mellon University, which has access to U.S. Secret Service data.

Why is it important who the next culprit is likely to be?

It is important because the line between an external attack and an internal attack is difficult to define. A former or existing disgruntled employee accessing information remotely can be extremely difficult to protect against, because they know where to go and how to most likely go unnoticed. They could know exactly where the most important or confidential data is located, and they may know colleagues’ passwords as well as the internal security protocols to cover their tracks.

Insider attack statistics at a glance

CERT’s report says that 60% of the reported attacks involved compromised accounts, unauthorized accounts created by insiders, or use of a former colleague’s known login and password. Other statistics include that 15% of the time database administrator accounts were used, and 13% of the time system accounts (highly privileged accounts) were reported as methods insiders took advantage of to access critical data. Creation of backdoor accounts was also a contributing method, but surprisingly the insiders’ own user accounts and passwords were also used to carry out attacks.

The majority of such attacks were only detected after the effects were seen in the form of missing data or critical systems showing signs of instability. Unfortunately, these effects can occur long after the attacks take place, which makes it difficult to hunt down and prosecute the offenders. The costs and repercussions can be in the millions of dollars and can affect many other areas of the company’s health. The best resolution to this problem is swift identification through monitoring, alerting and reporting of database activity.

The Solution: LogClarity® Database Edition

The LogClarity® Database Edition streamlines database log collection and management across all critical database servers with ease. LogClarity® (DBE) can log, monitor, alert and report complete details related to access, misuse or any activity related to critical information.

Quick investigation of all database access attempts through log data is achievable with the powerful automation methods of LogClarity® (DBE). If a server is compromised but access to the critical information does not occur, because quick automated alerting is in place to provide immediate awareness and help prevent further access, that can be just enough to satisfy the need. The organization doesn’t have to make any announcement because the critical information is still safe and secure.

LogClarity® Database Edition lets you easily configure which tables and other objects (such as stored procedures) inside databases you need to log, monitor and report on. The SQL server absolutely needs to be tracked for access. Information inside databases can be read, changed, created, or deleted using the SELECT, UPDATE, INSERT, and DELETE commands. LogClarity® with Database Access Technology logs the commands (SQL queries) so that it can track exactly what information was affected by even the most privileged users.

Database Access Technology (DAT), integrated with the LogClarity® Design Framework, reduces duplicate SQL entries and lets you quickly investigate incidents with powerful search methods far beyond other simple search tools. Cumbersome, time-consuming forensic investigations are now a quick and easy process.

Security and protection of key critical information is what every company is striving for. Meeting compliance and ensuring the checks and balances are in place can only add another level of peace of mind for the organization and key personnel.

 

Copyright © 2006 Log Fidelity Corp.