This article describes how to configure sensitive data reports and sensitive data access alerts in ApexSQL Audit 2020 R3 and higher.
Sensitive information flow has always been a top priority for any organization. Having consistent and proactive reports and alerts on sensitive data access can drastically help to manage data flow and assess any potential risk-related consequences.
Configuring sensitive columns auditing precedes the creating sensitive data reports and alerts, and once auditing configuration is concluded, the reports and alerts configuring are the next steps take in creating a proactive and consistent information delivery on sensitive column access.
Creating a report
Getting reported on data access frequently helps with understanding how the data is being approached, at what particular times, and by whom. Having that information ready on a scheduled basis or on-demand will always add to managing looming threats.
Creating sensitive data reports in ApexSQL Audit is quite simple. Here is the quick example in the step-by-step scenario:
- Head to Reports in the main application ribbon
- Choose the New button inside the reports pane
- Continue by choosing Sensitive columns auditing reporting template
After the reporting template is selected, reporting filters will be accordingly set to default values. You can further specify any particular filter to retrieve the data upon that criteria. The most interesting filter to utilize on creating sensitive data access report is Sensitive-column filter allowing users to specify certain sensitive column range to be found in a report:
Building a convenient report template is an essential piece of the puzzle, hence it helps in creating automated reports without manual management. It takes understanding auditing requirements to build filter criteria accordingly before creating scheduled report jobs.
After the reporting template is complete, a quick overview of the configuration is available in the summary pane in the Reports tab:
Once the template is ready to be used, the actual audited data trail can be quickly previewed in the application reports grid, or exported to several document file formats, or even ultimately scheduled to run automatically on custom frequency:
While it is a common strategy to create a sound security wall around the sensitive data via security access controls, it is always good to have an alerting mechanism to proactively send a notification on any specific data approach that is categorized risky.
ApexSQL Audit provides sensitive data access alerting via its respective alert type and allows users to get notified about sensitive data access via custom specifications. For instance, we are going to explain how to configure alert to trigger when specific columns are accessed by the specific user, via the specific application through the alert configuration wizard:
- Head over to Manage tab in the alerting group of the main application tabs
Continue by choosing New in the header controls
Choose Sensitive data access alert option
In the next step, modify the notification text via both contextual parameters and plain text and hit Next
Select SQL Server instances in the next step
Sensitive column list will be available for the previously selected SQL Server to choose for alert configuration
In the next step, you can add more filtering criteria upon which an alert configuration is detailed. For this article, we’ve chosen to configure an alert when a specific user access the sensitive columns via the specific application
If the advanced filter option remains unchecked, the alert would be triggered on each previously selected column access regardless of how the data is being accessed.
In the next step of the Alert Wizard you can specify e-mail profiles where e-mail notification will be received, and if the notification will be written in Windows error log
Regardless of the choice, the alert notification will always be available in the Alert History tab from the main application ribbon.
In the last step, you can quickly preview the configuration structure and assign a contextual name to the alert
Once the configuration has taken place, ApexSQL Audit will raise the notification alert accordingly of the applied specification
The complete alert notifications can be easily accessed in History alerts tab where you can easily identify any specific notification via filtering options:
- For detailed information about alerting configuration and management, you can consult this How to create a custom alert with an email notification article.