What information is in your SQL Server database? Who has access to it? Should they have access to it? Can they change the data surrepitously to cover something up? These are the basic questions a whole host of regulations, standards and laws like SOX, PCI, HIPAA, and others are designed to ask. Microsoft SQL Server is smack in the middle of these questions as a repository for that information. In this webinar, we'll cover some of what Microsoft SQL Server provides to answer these questions and how best to implement them for your environment. We'll look at what works and what doesn't. And because the fine details of dealing with audits and compliance can be tedious and time consuming, we'll also look at ways to automate these things to reduce the amount of time you're required to spend on them.
Brian Kelley is an author, columnist, Certified Information Systems Auditor (CISA), accredited CISA trainer, and former Microsoft Data Platform (SQL Server) MVP (2009-2016) focusing primarily on SQL Server and Windows security. Brian currently serves as a data architect as well as an independent infrastructure/security architect concentrating on Active Directory, SQL Server, and Windows Server. He has served in a myriad of other positions including senior database administrator, data warehouse architect, web developer, incident response team lead, and project manager. Brian has spoken at 24 Hours of PASS, IT/Dev Connections, SQLConnections, the SSWUG Virtual Conferences, the Techno Security and Forensics Investigation Conference, the IT GRC Forum, SyntaxCon, and at various SQL Saturdays, Code Camps, and user groups.