Home | Login      
Auditing Privileged Accounts

Without question, the most common technical use of DB Audit Expert is to keep tabs on privileged account activities. Privileged accounts represent an enormous threat to enterprises because these accounts can breach personal data, complete unauthorized transactions, cause denial-of-service attacks, and hide activity by deleting audit data.

Privileged accounts associated with database ownership are required for emergency access scenarios as well as more mundane day-to-day tasks. While important, they are notoriously difficult to secure because they don't belong to real users and are usually shared by multiple administrators. In a down economy, privileged accounts represent a prime attack vector for disgruntled employees.

Control of privileged accounts is at the top of the auditor's list, and is an essential component of compliance mandates associated with Sarbanes-Oxley, the Payment Card Industry Data Security Standard (PCI DSS), the Federal Energy Regulatory Commission (FERC), and HIPAA. If those mandates aren't enough, many business partners are asking for a review of controls associated with privileged accounts as part of their Statement on Auditing Standards (SAS) 70 reviews.

DB Audit Expert is an ideal tool for PRIVILEGED ACCOUNT MANAGEMENT. It can help identify and mitigate risks associated with elevated access,provide granular audit reports, assist in meeting compliance mandates, and enable an organization to pass its SAS 70 reviews.


Share this blog topic
Add to Digg it   Add to Twitter   Add to StumbleUpon   Add to Del.Icio.us   Add to Facebook   Add to Technorati   Add to Reddit   Add to YahooMyWeb   Add to Google bookmarks


This blog article does not have any comments.

  This blog article is locked. New comments are not accepted.