IDERA updates toolset for SQL Server security and compliance

IDERA announced the latest release of its SQL Security Suite, including SQL Secure and SQL Compliance Manager, with support for industry regulations.

As data protection regulations gain traction across the globe, research shows the average cost of noncompliance (business disruption, loss of productivity, fines, penalties, etc.) for organizations is now $14.8 million, a 45 percent increase from 2011.

To avoid becoming one of the statistics, companies must be more vigilant about protecting customer data and ensuring their databases are secure.

SQL Secure and SQL Compliance Manager work together to help database administrators establish and enforce security policies for SQL Server environments on Windows OS, whether located on premises or in the cloud.

This enables companies to audit for regulatory guidelines and requirements, such as the GDPR and the HIPAA regulations.

SQL Secure is a security analysis solution that identifies SQL Server security violations and ensures security policies are enforced, enabling DBAs to identify who has access to what and each user’s effective rights across all SQL Server objects.

SQL Compliance Manager is an auditing solution that uses policy-based algorithms to track changes to SQL Server objects and data, providing visibility to determine who did “what,” “when,” “where,” and “how,” whether the event is initiated by privileged users or hackers.

With this latest release, both products have added new support for CIS, DISA STIG, and NERC, and updated support for PCI DSS.

Additionally, SQL Compliance Manager has added support for FERPA, and SQL Secure has added support for NIST and SOX. These additions and updates expand on the existing support for HIPAA and other industry regulations.

According to one database administrator at a large financial services institution, “I have found that with auditors, the longer they wait for your data, the more they scrutinize the data. Since I implemented SQL Compliance Manager, I have been able to provide all the audit information to internal and external auditors quickly.”

As a result, the company has decreased the amount of time spent generating audit compliance reports by more than 25 percent since implementing IDERA’s solution.

Additional product capabilities include:

SQL Compliance Manager v5.5:
• New option to save and upload custom regulatory guidelines, providing companies the flexibility to meet all audit requirements,
• Sensitive data set selection option that spans multiple tables so DBAs can easily search for sensitive columns to be audited,
• A new row count function added for all event types that DBAs can use to audit for suspicious data access,
• Full support for SQL Server 2017.

SQL Secure v3.2:
• New policy checks for configuration, access, auditing and logins,
• Full support for SQL Server 2017.

“From financial services to education to the energy sector, regulatory compliance is increasing pressure on organizations to collect data for auditing and reporting purposes across a complex landscape of data types and sources,” said Robert Anderson, vice president of product management at IDERA.

“These latest updates to SQL Secure and SQL Compliance Manager offer peace of mind and improved productivity that help DBAs reduce exposure risks, avoid fines, and support corporate data governance initiatives.”