Auditing Data Access Without Bringing Your Database To Its Knees presented at BlackhatUSA 2006

by Dale Brocklehurst, Kimber Spradin

Summary: Today's privacy requirements place significant additional auditing burdens on databases. First you have to know which databases in your environment contain regulated Personally Identifiable Information (PII) or Protected Health Information (PHI), then you have to monitor ALL activity surrounding that data, not just changes to it. In the world of databases, this means auditing all SELECT statements, something many native database auditing tools are not very good at. This presentation will demonstrate how you can log this activity across multiple database platforms (without bringing your database to its knees), and then what to look for in those reams of log entries your auditors made you record.