In the conclusion of our blog series, The Tradeoff Between Database Security and Database Performance, we outline how performance metrics can be used to detect security issues. If you missed it, you can read the previous post on other Metrics To Optimize Security and Performance.
Within the metrics for database performance an abundance of insight is hidden. That makes database performance metrics an often overlooked and underused indirect metric for database security. That is, performance metrics can bring into clear view critical information about the state of database security to mitigate risk.
To protect databases, develop a detailed understanding of how they typically behave. After understanding baseline performance, it is possible to monitor the database more effectively and audit the database activity accordingly. Then, identify any deviation from regular patterns that may indicate security problems.
After establishing some baseline knowledge, improve database security via best practices. For example:
- Inventory which groups, individuals, devices, and application can access sensitive data and by which methods.
- Establish a security policy, distribute the policy throughout the organization, and train all relevant staff on following the policy.
- Implement security methods that inform the IT team when performance metrics deviate from standard values.
- Develop response plans for when performance abnormalities trigger alerts and ensure that the entire IT team fully understands these plans.
- Verify that the organization adequately documents security compliance for regulatory and audit purposes.
- Review performance metrics frequently and regularly as the baseline performance metrics may change when the organization evolves.
- Simplify these tasks by using dedicated tools with relatively easy learning curves.
Performance metrics can be used to detect security issues. Understand baseline behavior to recognize abnormal patterns. After establishing normal activities, maintain security by following best practices. These steps will help to improve the ability to achieve the apparently conflicting goals of improving both database security and performance.
How IDERA Can Help:
SQL Management Suite is a bundle of five essential products for complete SQL Server management. It covers performance, compliance, security, backup, and index fragmentation. It includes SQL Diagnostic Manager Pro (with SQL Workload Analysis and SQL Query Tuner), SQL Compliance Manager, SQL Secure, SQL Safe Backup, and SQL Defrag Manager.
Read more in the full whitepaper.