RE: Best security structure for meeting internal IT controls requirements? (Sarbanes-Oxley)

From: Michael Cheng [MSFT] (v-mingqc_at_online.microsoft.com)
Date: 05/17/04


Date: Mon, 17 May 2004 10:33:23 GMT

Hi Shelley,

Thanks for your update :)

Based on my knowledge, I think the first of the three solutions is better
than the others. However, I am not sure whether it will be the best practice
for your scenario; as I have said, I could not define the best practice
through a newsgroup. The reason why the first one is better than the other
two is that the first one could prevent what might happen, while the other
two just monitor what happened. When there is damage to the database that
cannot be recovered, the last two are useless, while I think the first one
could prevent it from happening.

Secondly, SQL Server has functionality to track DBA activities. You'd
better have a look at Books Online or MSDN Online under the topic "C2
Auditing". C2 auditing requires that you follow very specific security
policies. You could follow this to make it effective (you need to restart
your server). Attention please: turning on C2 auditing will have an IMPACT
on your server performance!
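--In Query Analyzer
--make the advanced options (including C2 audit mode) visible
exec sp_configure 'show advanced options', 1
go
reconfigure with override
go
--turn on C2 audit mode; it takes effect after the next restart
exec sp_configure 'c2 audit mode', 1
go
reconfigure with override
go
--then restart the server; you will see a trc file in your data directory
--now. AGAIN, this kind of writing to disk will have an influence on your
--performance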

Hope this helps and if you have any questions or concerns, don't hesitate
to let me know. We are here to be of assistance!

Sincerely yours,

Michael Cheng
Microsoft Online Support
***********************************************************
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
Please reply to newsgroups only, many thanks.
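
Added example, not part of the original post: a check that C2 audit mode is actually running after the restart, followed by a query that reads one audit trace file to review a given login's activity. The file path and login name are placeholders to fill in; the `::fn_trace_gettable` form is the SQL Server 2000 syntax matching the date of this thread.

```sql
-- Added example: verify C2 audit mode and review the audit trace.
-- Assumes SQL Server 2000 and Query Analyzer, as in the post above.

-- 1. 'c2 audit mode' is an advanced option, so make it visible first.
EXEC sp_configure 'show advanced options', 1
RECONFIGURE WITH OVERRIDE
GO

-- 2. Capture the sp_configure row and compare config_value with run_value.
--    config_value = 1 only means the option was set; run_value = 1 means
--    the server restarted with auditing switched on.
CREATE TABLE #cfg (
    name         nvarchar(70),
    minimum      int,
    maximum      int,
    config_value int,
    run_value    int
)
INSERT INTO #cfg EXEC sp_configure 'c2 audit mode'

SELECT name, config_value, run_value,
       CASE
           WHEN run_value = 1    THEN 'C2 auditing is active'
           WHEN config_value = 1 THEN 'Set, but restart still pending'
           ELSE 'C2 auditing is not enabled'
       END AS status
FROM #cfg

DROP TABLE #cfg
GO

-- 3. Load one audit trace file as a table and list what a login did.
--    Placeholders (not values from the post): replace the path with a
--    .trc file from your data directory and the login with the account
--    under review.
--    On later versions the function is called as sys.fn_trace_gettable.
SELECT StartTime, LoginName, NTUserName, HostName, ApplicationName,
       EventClass, DatabaseID, ObjectName, TextData
FROM ::fn_trace_gettable('<data directory>\<audit trace file>.trc', default)
WHERE LoginName = '<login to review>'
ORDER BY StartTime
GO
```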