It seems I can't catch up with my news feeds. This morning I saw a recent post on Dark Reading that caught my eye- Your First Three Steps for database security. As these are supposed to be your first steps with database security, I thought I’d relate the following stages to the capabilities inherent in DB Audit Expert.

1. The first stage -- locating the databases themselves.
2. The second stage to securing your database environment is to enumerate the data contained in the databases you found in the first stage.
3. The third stage is to secure the database servers themselves and ensure they comply with corporate configuration policies.

At SoftTree, we’re all about simplifying database security. DB Audit Expert was designed with that objective in mind.

The first stage -- locating the databases themselves -- can be achieved through a couple of different methods. The easiest, but often least accurate, method is to consult the documentation. If you're lucky there will be an extensive, searchable repository containing all of he information you require. For those lacking detailed documentation, DB Audit Expert provides a Network Database Scanner tool that can be used to discover hidden instances of database servers on networked computers. The tool scans the network in the specified IP address range or IP addresses list looking for database servers accepting network connections on well-known or custom ports. It analyzes the received responses and based on the contents of received data packets, it figures out type, version, authentication mechanism and some other parameters of each found database server instance. It is also capable of finding server management and broadcasting services such as DB2 Administration Server, SQL Server Browsing Services, etc.

The second stage to securing your database environment is to enumerate the data contained in the databases you found in the first stage. Not all database servers will need the same level of protection. Documentation, developers, and database administrators (DBAs) aren't always capable of providing an accurate representation of what's in your databases. For this reason DB Audit Expert provides a PCI, PII and Banking Data Discovery tool to quickly find and identify databases and database tables containing such confidential data stored in database tables using pre-configured data pattern matching rules for common PCI, PII and banking data formats or user-defined data patterns.

The third stage is to secure the database servers themselves and ensure they comply with corporate configuration policies. Manually checking database server settings is a monotonous, tedious task best-suited for automation. DB Audit provides a one-stop multi-database solution for managing database logins, users, security settings and permissions. It provides unified easy-to-use graphical interfaces for managing database users across multiple server types and versions from one central location. Using DB Audit's security management tools you can control which users and user groups can access your database systems; which items and activities in the database are available to which database users, application and database user roles; identify inappropriate permissions and access levels; identity effective security settings and data access paths; identify which user users and user groups access files outside of the database using built-in database file access and extended procedure.