2009-02-12 DAT211 Prendre ou reprendre le contrôle de vos instances SQL Server - Conformité qualité de service et bonnes pratiques
1.
2.
3.
4. Sarbanes-Oxley Fiscal accountability for all public companies Basel II Capital assessment and reporting standards for global banking USA PATRIOT Act Customer documentation requirements in order to “know your customer” DoD 5015.2 and UK PRO Federal standards of records management Health Insurance Portability and Accountability Act (HIPAA) NASD 3110 Written policies and procedures for review of correspondence with the public All records related to securities transactions to be maintained for 3 years Gramm-Leach Bliley Act (GLBA) Privacy of financial information Right to carry insurance between job; privacy of patient Information SEC Rules 17a-3 & 17a-4
5.
6.
7.
8.
9. Backup Operator Application Admin Application Admin Auditor User Admin P123#$? securityadmin role manages logins
10.
11. Algorithmes disponibles : AES (128, 192, 256 bits) et3DES Protection Gestion des Clés externe Rotation Serveur de clés Sauvegarde db_ddladmin role peut gérer clés et certificats
12.
13.
14.
15.
16. Cible Audit Serveur Audit Base de données CREATE AUDIT HIPAA_Audit TO FILE ( FILENAME=’PRO1udIP_ADT.aud’, MAX_SIZE=100 MB, RESERVE_DISK_SPACE ) WITH (SHUTDOWN_ON_FAILURE = ON); CREATE AUDIT SPECIFICATION SvrAC ON SERVER TO HIPAA_Audit ADD FAILED_LOGIN_GROUP; CREATE AUDIT SPECIFICATION AuditAC ON DATABASE TO HIPAA_Audit ADD SELECT ON table::Customers(payment); 2008
21. Type de cible Facet : caractériques définissant un type de cibles Politique Etat désiré Quand Quoi Cible Instance de cible Bases de données Catégories Catégories Administration des politiques 2008
22. MSDB (Policy Store) 2008 Policy Event Handler Policy Invoker SQLCLR Policy Engine SMO Facet SQL Server Database Engine SQL Server Agent
23. MSDB (Policy Store) Synchronous Events Asynchronous Events 2008 Relational Engine Eventing Policy Service Broker Queue Policy Event Handler SQLCLR Policy Engine SMO Facet SQL Server Database Engine