Category: 

What Is a Database Audit?

Article Details
  • Written By: Alex Newth
  • Edited By: Angela B.
  • Last Modified Date: 21 August 2016
  • Copyright Protected:
    2003-2016
    Conjecture Corporation
  • Print this Article
Free Widgets for your Site/Blog
In late 19th-century London, mail was delivered to residential addresses up to twelve times each day.   more...

September 28 ,  1924 :  Two US military planes complete the first flights around the world.  more...

A database audit is a database security control involving several monitoring aspects. It allows administrators to control access, know who is using the database and what users are doing with the database. Auditing is done to prevent database theft and also to keep users from messing up the database code. Some of the monitoring aspects involved in a database audit include identifying users, logging actions performed on the database and checking database changes. A database audit is rarely performed by a person; it is more often handled by a program.

A variety of users access databases associated with businesses or large websites on a daily basis. These users are able to see the data and perform high- or low-level changes to the information based on their access level, and they can store the data in other programs. Without any form of protection, the risk of data theft is very high, because no user could be implicated if any information were stolen.

When a database audit program is installed, this program creates a trail that watches all the users. One basic form of protection is that the audit identifies all users and watches what each user does. Low-level functions normally are not monitored. This is because the functions do not present a threat and because these functions are performed so regularly that the auditing program may be overwhelmed by the amount of data it has to monitor.

Ad

Along with knowing what the user is doing, the auditing program will log actions performed on the database. For example, whenever a user performs a large database change, the auditing program will watch the user and show that the user made the change. The database audit may be set to activate whenever a high-level action is performed, so there is no chance the action is missed by the audit.

These database audits, unless the database is especially small with a few users accessing it, is rarely performed by a person. This is because a person cannot check all of the changes or identify all the users without a high potential of inaccuracy. A program also ensures only potentially threatening or damaging changes are logged.

While theft is the main reason for performing a database audit, it is not the only reason. When the database is changed, an incorrectly coded section can corrupt all database information. With high-level actions such as this logged, the auditor can assign blame to the user who performed the change and appropriate actions can be taken.

Ad

You might also Like

Recommended

Discuss this Article

Post your comments

exception 'Exception' with message 'error writing captcha: Duplicate entry '2147483647' for key 'PRIMARY'' in /ssd/www/wisegeek/public_html/_core/classes/public/Captcha.php:44
Stack trace:
#0 /ssd/www/wisegeek/public_html/_core/controls/public/ControlDiscussionPostBox.php(324): Captcha->createCaptcha()
#1 /ssd/www/wisegeek/public_html/framework/classes/Control.php(104): ControlDiscussionPostBox->preRender(false)
#2 /ssd/www/wisegeek/public_html/framework/classes/Control.php(149): Control->render()
#3 /ssd/www/wisegeek/public_html/tpl/default-nocustom-lu/pages/public/article/article.htm(526): Control->__toString()
#4 /ssd/www/wisegeek/public_html/framework/classes/Control.php(300): require('/ssd/www/wisege...')
#5 /ssd/www/wisegeek/public_html/framework/classes/Control.php(309): Control->requireTpl('pages/public/ar...', Object(PageArticleCom), true)
#6 /ssd/www/wisegeek/public_html/framework/classes/Control.php(131): Control->renderTpl('pages/public/ar...', Object(PageArticleCom))
#7 /ssd/www/wisegeek/public_html/framework/classes/FormDataControl.php(87): Control->renderTemplate()
#8 /ssd/www/wisegeek/public_html/framework/classes/Control.php(109): FormDataControl->renderTemplate()
#9 /ssd/www/wisegeek/public_html/framework/classes/ScriptPage.php(50): Control->render(false)
#10 /ssd/www/wisegeek/public_html/framework/classes/Control.php(149): ScriptPage->render()
#11 /ssd/www/wisegeek/public_html/framework/classes/Page.php(97): Control->__toString()
#12 /ssd/www/wisegeek/public_html/_core/classes/public/PublicFrontController.php(443): Page->processRequest()
#13 /ssd/www/wisegeek/public_html/_core/classes/public/PublicFrontController.php(7): PublicFrontController->renderPage()
#14 /ssd/www/wisegeek/public_html/index.php(11): PublicFrontController::run()
#15 {main}