About SQL Compliance Manager

Monitor, audit and alert on SQL user activity and data changes.

SQL compliance manager is a comprehensive auditing solution that uses policy-based algorithms to track changes to your SQL Server objects and data. SQL compliance manager gives you detailed visibility to determine who did "what", "when", "where", and "how", whether the event is initiated by privileged users or hackers. SQL compliance manager also helps ensure compliance with regulatory and data security requirements such as SOX, PCI, GLBA, HIPAA(HITECH), and Basel l and II. SQL compliance manager goes beyond traditional auditing approaches by providing real-time monitoring, alerting, and auditing of all data access, selects, updates, schema modifications and permission changes to SQL Server databases.

SQL Compliance Manager will monitor, audit and alert on SQL Server user activity and data changes.

  • Audit Sensitive Data - see who did what, when, where, and how
  • Track and Detect - monitor and alert on suspicious activity
  • Satisfy Audits- for PCI, HIPAA, FERPA and SOX requirements
  • Generate Reports - 25 built-in reports to validate SQL Server audit trails
  • Minimize Overhead - light data collection agent minimizes server impact


Audit sensitive data
Comply with regulatory standards by auditing the most sensitive data contained in your databases, right down to the column level. Determine where sensitive data resides and add this data and columns to the audit wizard.

Stop potential threats
Track access and changes to databases, alert on failed log-ins, and customize alerts to notify of activities that could cause harm to your SQL Server environment.

Pass audits with ease
Templates for PCI, SOX, HIPAA, and FERPA help you meet compliance requirements, A simple wizard helps add these compliance regulations to your audited SQL server objects with preset auditing settings aligned to over 16 regulatory citations.

Generate reports
Choose from over 25 pre-defined compliance reports, developed in partnership with auditing experts, that address security auditing & compliance reporting requirements. The Microsoft Reporting Services reports are available in the Console or can be easily deployed to SQL Reporting Services and customized if needed.

Minimal Overhead
Keeping an eye on SQL Servers shouldn’t bring down your SQL enterprise. Using SQL Compliance Manager maintains a watchful eye on SQL Servers without performance impact implications.


Powerful Auditing

  • Customizable Templates - Easily apply the right auditing settings to your servers and databases for Payment Card Industry (PCI), Family Educational Rights and Privacy Act (FERPA), Sarbanes Oxkley Act (SOX), and Health Insurance Portability and Accountability Act (HIPAA) regulations. Extensive research is no longer required as you can simply define the objects and apply the (out-of-the-box) customizable templates.
  • Audit & Alert on Sensitive Columns - Audit any combination of columns and track who has issued “SELECT” statements against any table whether they are end-users or privileged users. Additionally, you can be alerted when any combination of columns are accessed.
  • Data Auditing - Audit data changes on any table so you can compare before and after data values resulting from inserts, updates and deletions.
  • Low-overhead data collection - A lightweight agent captures data from the SQL Server trace stream in real-time. The data collected can be streamed to the repository in real-time or in scheduled batches.


Flexible Alerting

  • "Auditors Mode" - Users can be granted auditor privileges only. Users in the auditor role have read-only permission. This supports report and query execution as well as self-audit, integrity reporting, and alerting of changes to SQL compliance manager configuration and data collection parameters.
  • Fine-grained filtering - Powerful filtering capabilities enable you to collect only what is important for audit and compliance; reducing data collection, transmission and storage overhead.
  • Customized alerting - Provides customized alerting for over 200 specific SQL Server Event types, allowing you to define rules to receive immediate notification when critical SQL server events occur. These events are stored in the audit repository, can be emailed directly to a user and/or written to an event log that feeds an in-house operations monitor system (e.g. SCOM).
  • User-defined event auditing - Supports comprehensive auditing of user-defined events. For example, events can be captured for data changes resulting from INSERT, UPDATE, or DELETE activity on tables, or additional application context can be included within your audit trail.


Enterprise Management

  • Central Management Console - Central console enables rapid configuration and deployment of SQL compliance manager agents as well as real-time monitoring of agent activity and the audit data stream. This makes it easy to manage and track audit activity over a large number of servers.
  • Central Data Repository - A central repository houses all audit data. The published, user-friendly repository schema enables easy development of queries and custom reports. In addition, multiple repositories may be used where required for security partitioning purposes.
  • DynamicDeployment Technology - Automatically deploys and configures the SQL compliance manager agents, enabling rapid deployment and eliminating the need for time consuming software installs on your SQL servers.
  • Efficient data archive - Built-in archiving mechanisms enable archiving to be scheduled on any frequency and archives can easily be restored to the current audit data repository or a separate repository. Additionally, you can easily leverage SQL safe, Idera’s high-performance backup solution, to compress and encrypt audit data archives.