Follow auditing best practices

[MUSIC PLAYING] Hello, and welcome to CBR TV. My name is Jon Bernstein. I'm joined today by John Pocknell, who is Senior Product Marketing Manager for Database Solutions at Quest. John, great to have you here. We're going to talk about database management. And what other advice would you have for those that need to put it into practice? So at a practical level, you can't protect what you don't understand. So you can't protect everything. That's just too much data. So what you need to have is a system whereby you can discover where your personal data is, or your sensitive data. So if you think about financial and auditing records, not personal data, but they're so sensitive to that company. So that implies that you need some ability to define what you mean by sensitive or personal data. And then, have the means where you can scan all your databases and identify looking at the actual data to see which data is sensitive. Now, the DBA has a handle on what they need to protect. So instead of trying to protect everything or trying to set an audit policy on everything, which is not a good idea. I've seen DBAs that have tried to do that, and it's a massive performance hit because now, you're auditing every single change to every single column in every table in the thousands and thousands of tables and columns out there. So it's just not a bad idea. But if you can identify sensitive data well, it means that you can set up audit policies on just the data that you need to audit. Once you have an audit policy set up, you've also got the means to submit a report to an auditor if necessary. If someone was to come and say, show me, demonstrate to me that you are managing your personal data, you've got the means by which you can do that. And then, finally have some way to automate the whole thing. So once you set up the system to scan and identify where the personal data is, that's not it because data changes. Data structures change. You have to have an automated system that can scan that data maybe once a week, once a day, or whatever is appropriate. John Pocknell, thank you very much. Thank you. [MUSIC PLAYING]