Greater control, better security, easier database compliance with Policy Based Management
By Anthony Fourie, SQL Database Administrator at RDB Consulting
There is no doubt that the database has become the heart and soul of the modern enterprise. After all, without data, business would grind to a halt and be rendered unable to function. As a result of the mission-critical nature of the database, it has become more important than ever to ensure that database servers are managed correctly and have the right security in place.
There are also numerous regulations around database management which need to be complied with, further increasing the complexity of managing the modern database. Policy Based Management (PBM) is a process that enables the management of policies and conditions across multiple databases. This ensures that standardised policies can be implemented throughout an organisation’s database environment, improving control and increasing security through standardisation while ensuring that conditions related to compliance are met at all times.
As the volume of data stored and used by businesses has grown, the size and complexity of the data centre has increased. The challenge that emerges from this is that many organisations have dealt with the data explosion by adding servers in an ad-hoc fashion, which are not managed centrally or from a single set of rules and guidelines. This means that security and compliance issues can creep in without organisations being aware of them until they cause problems or the company is audited.
PBM offers a more efficient alternative to the previous paper-based policy manual which has been used in the setup of servers and databases. Using a paper-based system, discovering policy violations and parties responsible for these violations is a time-consuming manual task. It is also typically difficult to ascertain why a policy has been violated, and often an even more complex process to determine who violated it. Ensuring standardisation across large numbers of servers is also complicated.
PBM addresses these modern database challenges by enabling database administrators to define rules around access, permissions, backup policies and more, and apply and enforce these policies across multiple servers and databases. This allows conditions to be evaluated against standards and regulations, and automatically flags transactions, queries or data that are not compliant with policies. For compliance and auditing purposes this ensures that policies are adhered to and that any discrepancies can be identified and quickly corrected. It also simplifies management by enabling uniformity of standards across the database environment.
As a replacement for paper-based policy management, it enables the same set of rules to be exported and applied to multiple servers, in effect virtualising the paper-based policy document. Any user who does not comply can be automatically flagged, which aids discovery and helps to minimise non-compliance. Multiple servers can be automatically evaluated for discrepancies and adherence to policy, saving time for audit and compliance purposes.
There are several benefits to the PBM model. Firstly, it saves time by easing the auditing, compliance and evaluation process and by ensuring that policies can be easily exported and applied to multiple servers, negating the need for duplicated effort. It therefore also simplifies multi-server administration by ensuring that one set of consistent and compliant rules can be applied and evaluated against, and it ensures greater control and enforcement of compliance. This all adds up to dramatic time savings in setup, evaluation and auditing for compliance.
However, effective PBM relies on effective, relevant policies being defined at the outset. While the database administrator and application can set up these policies in isolation, this is not the ideal scenario, since business is typically more informed about compliance and regulations. Data needs to comply with business standards, and it is sound business practice to involve business in this typically IT-dominated process.
IT managers and business, as well as technical staff, should be involved in a joint venture to define policies and decide on conditions, including database naming standards, backup standards and so on, to ensure that compliance regulations are met and adhered to. This will complement the expertise of technical individuals, who will have awareness of the technicalities around policy management and the database.
In a world where the database is arguably the most critical part of the IT environment for business, managing and administering this database effectively, efficiently and in line with compliance and security standards is of the utmost importance. PBM enables organisations to enforce policies across multiple servers with ease and automatically flags servers that are in violation of policy. This saves time and money while ensuring greater control, better security and easier database compliance.