DAT211 Prendre ou reprendre le contrôle de vos instances SQL Server - Conformité qualité de service et bonnes pratiques

4. Sarbanes-Oxley Fiscal accountability for all public companies Basel II Capital assessment and reporting standards for global banking USA PATRIOT Act Customer documentation requirements in order to “know your customer” DoD 5015.2 and UK PRO Federal standards of records management Health Insurance Portability and Accountability Act (HIPAA) NASD 3110 Written policies and procedures for review of correspondence with the public All records related to securities transactions to be maintained for 3 years Gramm-Leach Bliley Act (GLBA) Privacy of financial information Right to carry insurance between job; privacy of patient Information SEC Rules 17a-3 & 17a-4

9. Backup Operator Application Admin Application Admin Auditor User Admin P123#$? securityadmin role manages logins

11. Algorithmes disponibles : AES (128, 192, 256 bits) et3DES Protection Gestion des Clés externe Rotation Serveur de clés Sauvegarde db_ddladmin role peut gérer clés et certificats

16. Cible Audit Serveur Audit Base de données CREATE AUDIT HIPAA_Audit TO FILE ( FILENAME=’PRO1udIP_ADT.aud’, MAX_SIZE=100 MB, RESERVE_DISK_SPACE ) WITH (SHUTDOWN_ON_FAILURE = ON); CREATE AUDIT SPECIFICATION SvrAC ON SERVER TO HIPAA_Audit ADD FAILED_LOGIN_GROUP; CREATE AUDIT SPECIFICATION AuditAC ON DATABASE TO HIPAA_Audit ADD SELECT ON table::Customers(payment); 2008

19. 2008

21. Type de cible Facet : caractériques définissant un type de cibles Politique Etat désiré Quand Quoi Cible Instance de cible Bases de données Catégories Catégories Administration des politiques 2008

22. MSDB (Policy Store) 2008 Policy Event Handler Policy Invoker SQLCLR Policy Engine SMO Facet SQL Server Database Engine SQL Server Agent

23. MSDB (Policy Store) Synchronous Events Asynchronous Events 2008 Relational Engine Eventing Policy Service Broker Queue Policy Event Handler SQLCLR Policy Engine SMO Facet SQL Server Database Engine

28. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION. Votre potentiel, notre passion TM