Transaction Auditing

One of the ways to keep honest people honest is to track what they are doing. If people know there is a camera watching them, they are less likely to engage in any inappropriate behavior. When you are evaluating databases and applications, make sure that they have rich auditing and reporting capabilities. Set the granularity of audits at a level that is practical for detecting data access abuses. For example, only look at certain access types to important tables such as the salary table. Otherwise, you could get too many logs to process effectively.

When evaluating logs, look for bulk reads, multiple backups, or access during off-hours. Though it is very difficult, try to have audit logs stored in a manner that is inaccessible ...
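The review described above, sketched as an added example (not code from the book): it audits only watched access types on an important table, then flags bulk reads, repeated backups and off-hours access. The log format, table names, thresholds and working hours are all assumptions to adapt to your own audit source.

```python
from collections import Counter
from datetime import datetime

# Constructed sample audit records: timestamp, user, action, table, rows returned
SAMPLE_LOG = """\
2024-03-04T10:15:00 alice SELECT salary 3
2024-03-04T11:02:00 bob SELECT salary 4200
2024-03-04T23:40:00 carol SELECT salary 1
2024-03-04T14:00:00 dave BACKUP salary 0
2024-03-04T14:30:00 dave BACKUP salary 0
2024-03-04T15:00:00 erin SELECT lunch_menu 9000
"""

# Assumed policy values; tune these to your environment.
WATCHED_TABLES = {"salary"}            # audit granularity: important tables only
WATCHED_ACTIONS = {"SELECT", "BACKUP"}  # ...and only these access types
BULK_ROWS = 1000                        # rows in one read that count as "bulk"
WORK_HOURS = range(8, 18)               # 08:00-17:59, Monday to Friday
MAX_BACKUPS_PER_DAY = 1                 # per user, per day

def parse(line):
    ts, user, action, table, rows = line.split()
    return datetime.fromisoformat(ts), user, action, table, int(rows)

def find_anomalies(log_text):
    """Return (user, reason) pairs for records worth a reviewer's attention."""
    findings = []
    backups = Counter()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, user, action, table, rows = parse(line)
        # Skip everything outside the audit scope so the volume stays reviewable.
        if table not in WATCHED_TABLES or action not in WATCHED_ACTIONS:
            continue
        if action == "SELECT" and rows >= BULK_ROWS:
            findings.append((user, "bulk_read"))
        if ts.hour not in WORK_HOURS or ts.weekday() >= 5:
            findings.append((user, "off_hours"))
        if action == "BACKUP":
            backups[(user, ts.date())] += 1
            # Report once, at the first backup over the daily allowance.
            if backups[(user, ts.date())] == MAX_BACKUPS_PER_DAY + 1:
                findings.append((user, "multiple_backups"))
    return findings

if __name__ == "__main__":
    for user, reason in find_anomalies(SAMPLE_LOG):
        print(f"{user}: {reason}")
```

The 9000-row read of `lunch_menu` is deliberately ignored: it falls outside the watched tables, which is the granularity trade-off that keeps the log volume practical.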

Get Privacy What Developers and IT Professionals Should Know now with the O’Reilly learning platform.