Menu
Home
People
Places
Arts
History
Plants & Animals
Science
Life & Culture
Technology
Reference.org
Database activity monitoring
open-in-new
<p>Database Activity Monitoring (DAM, a.k.a. Enterprise database auditing and Real-time protection) is a <a href="/facts/Database_security/jQFz6YJI">database security</a> technology for monitoring and analyzing database activity. DAM may combine data from network-based monitoring and native audit information to provide a comprehensive picture of database activity. The data gathered by DAM is used to analyze and report on database activity, support breach investigations, and alert on anomalies. DAM is typically performed continuously and in real-time. </p><p>Database activity monitoring and prevention (DAMP) is an extension to DAM that goes beyond monitoring and alerting to also block unauthorized activities. </p><p>DAM helps businesses address <a href="/facts/Regulatory_compliance/1pIoTaB7">regulatory compliance</a> mandates like the <a href="/facts/Payment_Card_Industry_Data_Security_Standard/SLdbE4q0">Payment Card Industry Data Security Standard</a> (PCI DSS), the <a href="/facts/Health_Insurance_Portability_and_Accountability_Act/b40VtyEC">Health Insurance Portability and Accountability Act</a> (HIPAA), the <a href="/facts/Sarbanes-Oxley_Act/pfYfkDD2">Sarbanes-Oxley Act</a> (SOX), U.S. government regulations such as NIST 800-53, and EU regulations. </p><p>DAM is also an important technology for protecting sensitive databases from external attacks by cybercriminals. According to the 2009 Verizon Business’ Data Breach Investigations Report—based on data analyzed from Verizon Business’ caseload of 90 confirmed breaches involving 285 million compromised records during 2008—75 percent of all breached records came from compromised database servers. </p><p>According to <a href="/facts/Gartner/T4pPSLWF">Gartner</a>, “DAM provides privileged user and application access monitoring that is independent of native database logging and audit functions. It can function as a compensating control for privileged user separation-of-duties issues by monitoring administrator activity. The technology also improves database security by detecting unusual database read and update activity from the application layer. Database event aggregation, correlation and reporting provide a database audit capability without the need to enable native database audit functions (which become resource-intensive as the level of auditing is increased).” </p><p>According to a survey by the Independent Oracle User Group (IOUG), “Most organizations do not have mechanisms in place to prevent database administrators and other privileged database users from reading or tampering with sensitive information in financial, HR, or other business applications. Most are still unable to even detect such breaches or incidents.” </p><p><a href="/facts/Forrester_Research/S443brSw">Forrester</a> refers to this category as “database auditing and real-time protection”. </p>