March 20, 2007 at 6:24 pm
I HAVE A SECURITY REQUIREMENT, A COUPLE OF WEEKS AGO SOME RECORDS WERE DELETED AND OTHERS INSERTED IN A PRODUCTION DATABASE, WE COULDN'T PROBE WHO DID IT.
NOW WE NEED TO IMPLEMENT SOME ACTIONS TO TRACK EVERY SINGLE INSERT, DELETE OR UPDATE ON THE DATABASE AND RECORD IT IN ANY DEVICE OR SOMETHING.
WE DON'T KNOW IF SOFTWARE EXISTS TO MAKE IT POSSIBLE, OR MAYBE RUN A TRACE THAT RECORDS ALL MOVEMENTS ON THE DATABASE INTO A TABLE. ANOTHER IDEA IS TO CREATE TRIGGERS ON EVERY TABLE, BUT WE THINK THAT A BETTER WAY EXISTS.
WE NEED SOME ADVICE TO IMPLEMENT THIS REQUIREMENT.
March 20, 2007 at 8:49 pm
You'll need to do a fair bit more research, but this snippet from Books OnLine (found under "auditing", imagine that?) should help you get started...
C2 auditing is necessary if you are running a C2 certified system. A C2 certified system meets a government standard that defines the security level. To have a C2 certified Microsoft® SQL Server™, you must configure SQL Server in the evaluated C2 configuration. For more information about C2 certification, see the C2 Administrator's and User's Security Guide.
--Jeff Moden
March 20, 2007 at 9:12 pm
Triggers would be the best functionality you can use. It captures details about all records that are inserted, updated or deleted.
BOL has a really good section on triggers
Happy Moose
vitaldata.com.au
March 21, 2007 at 6:34 am
Yep, I agree... triggers will normally do the trick. My only concern with triggers would be that folks with DBO, SA, DDL Admin, and (I think) Bulk Insert Admin privs can easily and temporarily disable triggers. If this is malicious in nature, you would need something a bit more tamper proof.
--Jeff Moden
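Added example, not part of any post in this thread: a T-SQL sketch of the trigger approach discussed above, followed by a query that lists triggers currently disabled, which is the tampering concern raised in the last reply. The table, column and trigger names (dbo.Orders, dbo.Orders_Audit, trg_Orders_Audit) are hypothetical.

```sql
-- Hypothetical table to be audited (constructed for this example).
CREATE TABLE dbo.Orders (
    OrderID int         NOT NULL PRIMARY KEY,
    Status  varchar(20) NOT NULL
);
GO
-- Audit table: who/where/when columns are filled by defaults at insert time.
CREATE TABLE dbo.Orders_Audit (
    AuditID   int IDENTITY(1,1) PRIMARY KEY,
    Action    char(1)       NOT NULL,                -- I, U or D
    OrderID   int           NOT NULL,
    OldStatus varchar(20)   NULL,                    -- NULL for inserts
    NewStatus varchar(20)   NULL,                    -- NULL for deletes
    LoginName sysname       NOT NULL DEFAULT SUSER_SNAME(),
    HostName  nvarchar(128) NULL DEFAULT HOST_NAME(), -- client-supplied value
    AppName   nvarchar(128) NULL DEFAULT APP_NAME(),  -- client-supplied value
    ChangedAt datetime      NOT NULL DEFAULT GETDATE()
);
GO
CREATE TRIGGER dbo.trg_Orders_Audit ON dbo.Orders
AFTER INSERT, UPDATE, DELETE
AS
BEGIN
    SET NOCOUNT ON;
    -- Set-based, so multi-row statements are fully logged.
    -- Row only in inserted = INSERT, only in deleted = DELETE, in both = UPDATE.
    -- An UPDATE that changes OrderID itself is logged as a D row plus an I row.
    INSERT INTO dbo.Orders_Audit (Action, OrderID, OldStatus, NewStatus)
    SELECT CASE WHEN d.OrderID IS NULL THEN 'I'
                WHEN i.OrderID IS NULL THEN 'D'
                ELSE 'U' END,
           COALESCE(i.OrderID, d.OrderID),
           d.Status,
           i.Status
    FROM inserted AS i
    FULL OUTER JOIN deleted AS d ON d.OrderID = i.OrderID;
END;
GO
-- List every trigger in the current database that is disabled right now.
SELECT OBJECT_NAME(parent_obj) AS TableName,
       name                    AS TriggerName
FROM sysobjects
WHERE xtype = 'TR'
  AND OBJECTPROPERTY(id, 'ExecIsTriggerDisabled') = 1;
```

The last query only reports triggers that are disabled at the moment it runs; a trigger that was disabled and re-enabled between checks leaves no trace in it, so it does not make the trigger approach tamper proof.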
March 21, 2007 at 9:06 am
March 21, 2007 at 5:37 pm
LMtz,
Any of this helping or do you need another "track"?
--Jeff Moden