TechDays Basel - Auditing in SQL Server 2012 - Charley Hanania - Tech Days Basel 2012
1. IT Pro Day
Auditing in SQL Server 2012
Charley Hanania
Principal Consultant, QS2 AG – Quality Software Solutions
www.qs2.ch
2. Now:
• Database Consultant at QS2 AG
Formerly:
• Production Product Owner of MS SQL Server Platform at UBS Investment Bank
IT Professional since 1992
SQL Server Certified since 1988
• On SQL Server since 1995
• Version 4 on OS/2
Community
• Microsoft MVP: SQL Server
• PASS Chapter Leader – Switzerland
• PASS Regional Mentor – Europe
• European PASS Conference Lead
• International Event Speaker
• MCT Regional Lead (Switzerland)
• Database Days Conference Switzerland Lead
B.Sc (Computing), MCP, MCDBA, MCITP, MCTS, MCT, Microsoft MVP: SQL Server, MCT Regional Lead (Switzerland)
7. 1. Identify Issues and Risks
2. Develop Policies to mitigate them
3. Architect Procedures & Solutions (frameworks) to meet (comply with) Policies
4. Implement methods to report compliance levels
5. Implement methods & countermeasures for exceptions and compromised systems
6. Implement Process Improvement methodologies for framework maturity
9. The major players in the IT framework arena are:
• AICPA/CICA Trust Services, Principles, and Criteria
• Carnegie Mellon University Software Engineering Institute (CMU/SEI) OCTAVE
• CICA CoCo – Criteria of Control Framework
• CICA IT Control Guidelines
• CMMI – Capability Maturity Model Integration
• CobiT – Control Objectives for Information and related Technology
• COSO – Internal Control Integrated Framework
• GAISP – Generally Accepted Information Security Principles
• ISF Standard of Good Practice for Information Security
• ISO 17799:2005
• ISO 9000
• ITIL – the IT Infrastructure Library
• Malcolm Baldrige National Quality Program
• Organization for Economic Cooperation and Development (OECD) Principles of Corporate Governance
• OPMMM – Organizational Project Management Maturity Model
• Six Sigma
• OECD - Organization for Economic Cooperation and Development Guidelines on the Protection of Privacy and Transborder Flows of Personal Data
• NIST SP 800-53 - Recommended Security Controls for Federal Information Systems
• The FFIEC Information Technology Examination Handbook series
source: www.unifiedcompliance.com
Note:
There is no single framework that is all-encompassing and "complete".
Some frameworks focus on process maturity analysis and others focus more on standardised policies and checklists.
These frameworks are used to bring organisations closer to compliance with one or more regulatory standards.
17. • SQL Server Auditing is more resistant to auditing destination failures
• Audit log records additional T-SQL stack frame information when available
• Audit information is filtered before it is written into the audit target
• A maximum number of audit files can be specified
• Stored procedure - sp_audit_write
• New columns in audit related views and functions
21. Policy Based Management
• A framework which exposes SQL Server's properties as facets, allows you to create conditions which report back the status of those facets, and then create policies around those conditions.
• You can just report on those or enforce them. You can also import and export them and apply them to multiple servers.
26. The Audit Feature is enhanced in SQL Server 2012
It is a tool in the “Security and Compliance” arsenal
It needs to be architected into the overall operational strategy, alongside strategic tools, policies and processes.
27. REGISTER NOW AND GET 10% OFF
DISCOUNT CODE: CHMTD12 (Valid until December 10, 2012)
• A Preconference Day with 5-7 parallel technical workshops, focussed on critical role-based skills for Data Professionals.
• Two days of conference seminars across 3 technical tracks:
- Database Administration
- Business Intelligence
- Data Platform Application Development.
Check out www.databasedays.com
29. Can Enterprise Roles be Audited? Eg Administrators?
• Yes, but not out of the box. A deeper look at how AD groups and segregations of rights are implemented is needed, and the application of auditing against these should then be done.
Which Editions is audit available on?
• All editions, but with limitations. Enterprise Edition allows for more granular auditing that is unavailable in the other SKUs.
Which SKUs is PBM available on?
Why would reducing the queue delay to 0 in the Audit properties have a negative effect on performance?
• Reducing the delay to 0 tells the audit feature to work in synchronous mode, so every write to the log needs to be persisted before it is released. This essentially has a similar effect to what the transaction log has on the system from a commit perspective.
• Also, if flushes occur too frequently, it may have detrimental effects as the disk subsystem may be slow or overloaded.
• When set to say 10,000 (10 seconds) it will only flush the buffer if it is full, or it has reached the timer value specified.
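As an added example, not from the deck: a T-SQL script that exercises the SQL Server 2012 additions listed on slide 17 (ON_FAILURE = FAIL_OPERATION, MAX_FILES, the WHERE filter, sp_audit_write and the new user_defined_* columns) and sets the 10-second QUEUE_DELAY discussed in the Q&A above. The audit, specification, database and file-path names are hypothetical placeholders.

```sql
-- Hypothetical names: Audit_TechDays, AuditSpec_*, SalesDb and D:\SQLAudit\
USE master;
GO
-- QUEUE_DELAY = 10000 (10 s) keeps the audit asynchronous: the buffer is
-- flushed when full or when the timer expires. QUEUE_DELAY = 0 forces
-- synchronous writes, stalling each audited statement until its record is
-- on disk, which is the performance effect the Q&A describes.
-- ON_FAILURE = FAIL_OPERATION (2012) fails the audited action instead of
-- shutting the instance down when the target is unavailable.
-- MAX_FILES (2012) caps the number of audit files kept on disk.
-- The WHERE predicate (2012) drops records before they reach the target.
CREATE SERVER AUDIT Audit_TechDays
TO FILE ( FILEPATH = 'D:\SQLAudit\',
          MAXSIZE = 100 MB,
          MAX_FILES = 20,
          RESERVE_DISK_SPACE = OFF )
WITH ( QUEUE_DELAY = 10000, ON_FAILURE = FAIL_OPERATION )
WHERE server_principal_name <> 'NT SERVICE\SQLSERVERAGENT';
GO
ALTER SERVER AUDIT Audit_TechDays WITH ( STATE = ON );
GO
-- Instance-level events: failed logins and server role membership changes.
CREATE SERVER AUDIT SPECIFICATION AuditSpec_Server
FOR SERVER AUDIT Audit_TechDays
    ADD ( FAILED_LOGIN_GROUP ),
    ADD ( SERVER_ROLE_MEMBER_CHANGE_GROUP )
WITH ( STATE = ON );
GO
-- Database-level events: reads/updates in dbo plus application-raised records.
USE SalesDb;
GO
CREATE DATABASE AUDIT SPECIFICATION AuditSpec_SalesDb
FOR SERVER AUDIT Audit_TechDays
    ADD ( SELECT, UPDATE ON SCHEMA::dbo BY public ),
    ADD ( USER_DEFINED_AUDIT_GROUP )
WITH ( STATE = ON );
GO
-- sp_audit_write (2012) lets application code write its own audit record;
-- it needs USER_DEFINED_AUDIT_GROUP enabled in a specification, as above.
EXEC sys.sp_audit_write
    @user_defined_event_id = 27,
    @succeeded = 1,
    @user_defined_information = N'Price override approved for order 4711';
GO
-- Read the log back: user_defined_event_id/user_defined_information are
-- 2012 columns; additional_information carries the T-SQL stack when present.
SELECT event_time, action_id, succeeded, server_principal_name, object_name,
       statement, user_defined_event_id, user_defined_information,
       additional_information
FROM sys.fn_get_audit_file('D:\SQLAudit\Audit_TechDays*.sqlaudit', DEFAULT, DEFAULT);
```

Run it as a sysadmin on a test instance; the CREATE/ALTER statements need CONTROL SERVER, and the file path must exist and be writable by the SQL Server service account.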
SQL Server as a complex DBMS comes packed with features to cover a wide range of operational and development needs. A group of complementing components focus on Operational Security and Compliance, such as: