Improving customer satisfaction through better problem diagnosis, meeting legislated requirements for electronic security and privacy, and raising the standards of corporate governance to satisfy customer and shareholders expectations: these are the challenges you face in today's business environment. They all come down to data accountability - the ability to know who's doing what to mission-critical data, when, where and how it's happening.
In most data management systems, security settings authorize users' access to data, but within those boundaries, everyone is assumed to be properly trained and honorable. Unfortunately, not everyone is. Database access control is never enough. How do you achieve accountability within the trusted zone?
Pervasive Auditmaster, Pervasive's transaction intelligent and proactive monitoring solution, is the answer. It monitors and reports all activity occurring in a Pervasive.SQL database at the database level, so your application doesn't have to.
The AuditMaster technology works by capturing database events and writing them to a log file. AuditMaster features three components:
The log event handler is an easily installed database plug-in. It serves as an all-seeing "flight recorder," writing every qualifying database event into the audit trial. It's installed at the database level, so when the database is running, the event handler is running, keeping the audit trial complete. The log event handler is installed on the system with the Pervasive.SQL server engine.
The log database is a set of Pervasive.SQL files in the AuditMaster data directory. The main log file holds all audit information, such as user ID, network station ID, time and date of operation, application name, database table name, and operation type. Importantly, the log file includes before-and-after transaction images for updates records. Each time a user changes data, the log event handler writes both the original and the new record to the log.
The log viewer queries the database, enabling a security administrator to verify past activities or analyze patterns and trends. A simple graphical interface eases rapid building of queries. AuditMaster reports can also conveniently supply evidence of compliance with best or required practices.
In addition, the log viewer component is used to maintain and configure the AuditMaster system. This includes creating alerts, which provides proactive surveillance on future data activity. Once defined, alerts wait for specific events of interest based on the entire range of user actions, including creating, updating and deleting data, or even simply reading it. When a watched-for event occurs, the log event handler immediately executes an alert, which can take the form of an email to one or more recipients, a call to another application, or the start-up of a new application.
The log viewer may be installed on any machine with access to the Pervasive.SQL server and log database files. AuditMaster requires no changes to your existing application code or Pervasive.SQL database. Because it's installed within the database, well below client applications, AuditMaster is application independent. It can monitor several applications, yet still identify the original source of each event in the audit trial, enabling precise internal observations of the system and detailed application auditing.
In addition to viewing reports and executing alerts, the detailed audit log provides other benefits. Since before-and-after images are stored for all changes, database rollback or fine-grain, point-in-time recovery for individual records is possible by undoing changes captured in the audit trial. Further, since the audit log in stored in Pervasive.SQL tables, applications can directly access log data, allowing Auditmaster to be embedded in other applications.
AuditMaster works with all Pervasive.SQL data, whether transactional or relational. In addition, AuditMaster can automatically maintain multiple metadata files on data records to support upgrades to new versions of your client application, even when data definition files (DDFs) change. AuditMaster metadata supports auditing even if DDFs are missing or incomplete. In addition, if your system uses variant records, AuditMaster still performs all of the same capture, report and alert functions.
Pervasive AuditMaster answers the call for data accountability. Says Mark Shainman, Senior Research Director, META Group, "Cost-effective regulatory compliance, accounting fraud detection and procedural best practices are growing concerns in businesses around the world. Organizations must consider their options for implementing solutions that address the concern but aren't cost or deployment prohibitive."
With the complete audit trials provided by AuditMaster, the data accountability you should demand, is assured.