
Author Topic: piumini peuterey TR5D0 O9L3N86W V8127  (Read 972 times)


  • Novice
  • *
  • Posts: 20
  • Entrepreneur reader
piumini peuterey TR5D0 O9L3N86W V8127
« on: October 15, 2014, 11:07:57 am »
I've had so many good discussions with vendors and DBAs recently it's really hard to know where to begin. I'm going to start with the most recent talk I had with a vendor (not going to say just yet) because it's still very fresh on my mind. And those of you who know me know how important that is.
We were talking about DB auditing and where the responsibility actually belongs. As we all know, auditing has traditionally been the role of the DBAs. DBAs are the gatekeepers of the information inside the DB, and whenever anyone needs a list of the DB access for the past whatever period of time, they go to the DBA. After all, he is the one who manages the access to the system. And he is the one who set up and manages the auditing mechanism. And he's the one who probably wrote the reports you're looking at. So why wouldn't you go to him? He's the go-to guy for the DB, isn't he?
Now, what this vendor is proposing is that the DB auditing is to be moved out of the hands of the DBA and into the hands of the compliance officer (CO). Their argument is that the separation of duties is more or less driving this. When a CO or auditor asks the DBA for an access report they have no way of knowing if the data has been doctored to hide something or not. I don't really think that separation of duties has much to do with it though. A DBA would be able to alter that data no matter who was driving the reports. If I know the system is being audited and I do something I'm not supposed to, then I'll cover my tracks the same way regardless of whether I'm producing the reports or not. So from that aspect, I think they're way off base.
However, I do think they're more or less on track in their approach. What they're doing is taking something like DB security and starting to wrap real BI around it and turning COs into consumers of that data. If you look at the classical role of DBAs in a BI environment, this holds more true to the model. DBAs do what... they provide end users with the data they need to make decisions. Be they analysts, managers, whatever, they have their client tools for accessing and analyzing their business data. Well, what if your business is the security access of the DB? Then you should have client software that supports your role.
I've worked in several healthcare orgs and at none of them was I ever asked to help analyze the business data. So why would I be asked to analyze this business data? Well, like I said before... traditionally this was the role of the DBA, and with good reason. Data's a complicated beast and it can be hard to sink your teeth into it. DBAs typically understand more about the nature of the access being reported on, and they know what's going on with the processes.
So what this new process will entail is a CO pissing off a DBA because now the DBA has to justify all of the DB access to someone who doesn't really know anything about it. Every time a new process kicks off, he'll get a call from basically an end user upstairs who wants to know the ins and outs of the access. I'm not sure how DBAs are going to respond to having to justify things like that. And will it really matter in the end? Let's say that I want to steal all this data I'm not supposed to have. I write a query to export it, and the CO notices it. So he calls me and says, what's going on with this new process hitting the DB? All I have to do is tell him that it's a validation of some kind or something like that, and he'll go, oh, ok then. Unless you have strict policies in place to justify every single process and every single query, this whole model goes out the window.
Coming from a DBA perspective I have a hard time believing that someone outside DBs will be able to do as good of a job as the DBA would. And if a CO wants to also be a consumer of the data, then that's fine, but there's no way I'll essentially report to a CO and have to justify everything the user community does. I quite often find that these guys don't understand it anyway and just end up taking my word for it.
Coming from a business perspective however, it's nice to have someone who's skilled at this type of analysis and who isn't so married to the data side of things to put a fresh pair of eyes on it. Maybe a little accountability is good to have for your DBA team so they don't get so uppity thinking they can do just whatever they want.
In the end, I'm hoping that everyone will just learn to work together and the CO will become a customer of the DBA instead of a logical reporting structure. Perhaps the CO will analyze the audit data along with the DBA who will proactively remit the outstanding access issues so the CO doesn't have to call and bug him about it.
My guess is though that only the really large companies will even have to deal with this. Most companies are probably still going to rely on their DBAs for this type of analysis as well as all other aspects of DB security. Whichever way it plays out for you though, look at it this way... at least you don't have to worry about MySQL in this mix.
That'll be my topic tomorrow.