Blog

Auditing Your Azure SQL Database

One of the most anxiously anticipated and long-awaited feature additions to the Azure SQL Database, introduced to Azure Preview just this past August 2014 and added to the Azure Portal and Powershell on October 9, 2014, is the ability to audit various database actions and events, including:

  • Access to data
  • Schema changes (DDL)
  • Data changes (DML)
  • Accounts, roles, and permissions (DCL)
  • Security exceptions

Azure SQL Database

 

These are very useful for anyone who wants to:

  • Retain an audit trail of selected events. Define categories of database actions and events to be logged.
  • Report on database activity. Use preconfigured reports and a dashboard to get started quickly with activity and event reporting.
  • Analyze reports. Find suspicious events, unusual activity, and trends.

Deep Insight

SQL Database Auditing increases an organization’s ability to gain deep insight into events and changes that occur within their SQL database, including updates and queries against the data. Using a very simple and intuitive configuration interface, you can now have Auditing up and running on your database within minutes. Auditing is available for all Basic, Standard and Premium databases, and configurable via the new Azure Preview Portal or via standard APIs.

With auditing enabled on your database, you immediately have a repository of valuable data that can serve a variety of objectives.

  • Streamline compliance-related activities

Auditing is a valuable tool that can be used to help organizations meet various industry compliance requirements and regulations, such as PCI-DSS, SOX or HIPAA. Many such regulations require an audit trail on data-related activities against the underlying databases.

  • Gain Insight about database activity

Retaining an audit trail means that you now know exactly what activity is taking place on your database, by whom and when. This can readily be used to enhance business visibility; such data can help to identify business trends or potentially indicate business concerns. For instance, an analysis of the data may identify a drop in activity levels over time in a database located in a particular geographic location, which can then be addressed by the business.

  • Identify suspected security violations

An analysis of audit data can expose discrepancies and anomalies in data-related activities across the organization. This can lead to the identification of potential security incidents.

Prefer Scripting?

For those who prefer scripting for database management, you can now configure and manage Auditing using PowerShell. Every action taken on Auditing in the portal can also be done via PowerShell commands. The available Auditing cmdlets are as follows:

  • Get the current auditing policy of a database
  • Get the current auditing policy of a database server
  • Set auditing policy for a database server
  • Disable auditing on a specific database
  • Disable auditing on a specific database server
  • Set a specific database to use its server’s auditing policy

Microsoft provides a wealth of useful resources that will help you get started with Auditing.  For a great place to start to learn more about Auditing and how to set it up, take a look at the Channel 9 episode “Auditing in Azure SQL Database.”

You may then want to visit the Microsoft Azure blog post, “Get Started with SQL database auditing” which will also provide you with a link to where you can  sign up for the preview.

Another site to bookmark and refer to is the Microsoft Azure Trust Center.

Auditing will help you achieve and maintain regulatory compliance, improve application development, and rapidly troubleshoot any database difficulties that may arise.

If you’d like to discuss auditing of your Azure SQL Database, please contact Hanu at 800-520-1816.





Azure Managed Services