FAQs on Database Audits
Rajat Venkatesh — 2/15/2020 — 1 Min Read
What is database auditing?
- Database Audits track two activities in databases:
- User Login
- Database Object Access
User Login
Incident postmortems require a list of humans (versus microservices) logged in at the time. Generic database clients such as mysql-client or psql do not provide a method to capture access logs. Therefore a reverse proxy such as DbAudit(/database-audit/) is required.
Database Object Access
Postmortems also require an activity log of the users. Therefore the query history of all logged-in users is also required. Most databases do not recommend logging query history from the database server. A reverse proxy such as DbAudit(/database-audit/) is the most performant option to capture query history.
Why audit databases?
Database Audits are necessary during postmortems of performance or security incidents such as:
- Tracking malicious users’ activity.
- Listing all database objects accessed during a breach.
- Attributing runaway queries that affected performance to a user.
- Satisfying requirements of regulations such as GDPR, CCPA, and HIPAA.
How do you audit a database?
Options to audit databases are:
- Most commercial databases have a database auditing add-on.
- Using open-source reverse proxies. For example, using proxysql as a database audit tool.
- DbAudit(/database-audit/) is a simple-to-use and effective open-source database audit tool.
Similar Posts
Tokern DbAudit and GDPR / CCPA
Rajat Venkatesh — 1/16/2020 - 2 Min Read
DbAudit helps security team manage access to critical data in databases. DbAudit features help to comply with multiple provisions of GDPR and CCPA
Use ProxySQL as a Database Auditor for secure access to MySQL
Rajat Venkatesh — 1/3/2020 - 2 Min Read
ProxySQL can be used as a reverse proxy to audit, log and centralize access management to MySQL on AWS RDS, Aurora and Google Cloud SQL.
Get in touch for bespoke support for PII Catcher
We can help discover, manage and secure sensitive data in your data warehouse.