Application Of A New Database Management System

1271 Words6 Pages
When selecting a new database management system, determine if the vendor offers auditing, reporting and data management tools. In addition, the software should provide application level security and interface to the organization 's corporate-wide procedures for granting access to systems. For example, authentication should allow a secure protocol, such as Secure Sockets Layer (SSL). In addition, data may need to be encrypted to ensure additional protection. Application security gateways and database firewalls understand the application and track user access. Deep packet inspection examines each packet going over the network to the database server to determine the type of access being attempted. Application security gateways can provide…show more content…
To discover and document existing organizational policies, the solution selected should be able to automate a process of report production that covers such topics as planning and organizing for database compliance, certification and control of database activities, risk assessment, and investigation and disclosure of any exceptions. Having access to report templates that were built to address SOX implementations creates an ideal situation, since such templates do not require a great deal of setup but still have the flexibility to be customized to company needs. All database requests must be able to be logged and a full audit trail should be easily and automatically extractable from this information. This audit trail needs to contain such information as which data was accessed, by whom, when, how, and from where. The exportable information can be maintained for as many years as necessary and submitted to the proper authorities as required. Automated scheduling of SOX workflows and audit tasks and dissemination of relevant information to responsible parties across the organization are also great time savers, helping to increase audit process efficiency. When potential anomalies arise, the response must be instantaneous. Automatic alerts and access control help to handle situations in a timely and
Open Document