• One Identity Safeguard allows organizations to manage, monitor, record and audit administrators’ access to Microsoft SQL Server 2017. SQL Server 2019 and Azure SQL Database
  • Real-time and historical visibility into DBA sessions can help organizations identify and block suspicious activity to prevent security incidents
  • One Identity is the first to provide a PAM solution to audit native SQL Server and Azure SQL Database client-server communication, accelerating and streamlining deployment and ongoing maintenance 

ALISO VIEJO, Calif. – April 30, 2020 – One Identity, a proven leader in helping organizations implement an identity-centric security strategy, today announced that its One Identity Safeguard solution now supports Microsoft SQL Server 2017 and SQL Server 2019 database environments. Microsoft was positioned as a Leader in the 2019 Gartner Magic Quadrant for Operational Database Management Systems*. One Identity Safeguard, organizations can for the first time securely manage, monitor, record and audit database administrators’ access to SQL Server environments to enable appropriate privileged user activity and quickly identify suspicious behavior. One Identity is the first privileged access management (PAM) vendor to audit SQL Server  and Azure SQL Database connections by native client support, drastically speeding up and simplifying deployment, maintenance and user workflows – not only for full time employed users but third-party users as well. 

The Dangers of Unfettered Privileged Database Access
Hackers want access to privileged or administrative accounts because they provide virtually limitless access to an organization’s most sensitive data and systems – including databases. Thousands of organizations from across the globe rely on SQL Server databases to store a wide range of highly sensitive information, from core business software to customer and employee information, making administrative access protections critical. 

If a hacker gets a hold of a database administrators’ credentials and access is not properly managed and monitored, not only could sensitive data within the database be exposed, but also data within other systems. Because administrative passwords are commonly reused and shared, bad actors are incentivized to move laterally across IT systems, testing successful administrator credentials on various privileged systems until more and more access is obtained. 

“Database security has never been more paramount as hackers place an increasingly high value on an organization's stored data assets,” said Darrell Long, vice president of Product Management for One Identity. “Key to protecting these assets is ensuring that database administrator access and activity is fully monitored and managed in order to quickly identify suspicious commands and potential security threats. We launched native support for recording SQL Server and Azure SQL Database sessions in Safeguard to help organizations increase database security to protect their most sensitive and valuable information.”


Securing Privileged Access in SQL Server Environments
With One Identity Safeguard, administrative access to SQL Server and Azure SQL Database are fully managed, controlled and audited. The integrated solution includes a secured and hardened password vault, a real-time session monitoring and recording and privileged behavior analytics to quickly shut down threats while providing database administrators with the access they need to complete their job functions. Security of SQL Server environments can be further improved with two-factor authentication solutions, an integration with third party authentication and authorization systems with plugins or storing SQL passwords in the vault. 

Safeguard features integrations with backend user management systems, such as Microsoft Active Directory or LDAP, with policy-based access enforcement and credential management. For example, administrators are required to provide personal credentials before access is granted, while a password vault enables password check-out for authorized users only to prevent password sharing. 

Session monitoring and recording gives organizations real-time and historic visibility into the data and systems that database administrators access. Audited sessions are encrypted, timestamped and stored in a trail file for tamper-proof evidence of actions taken throughout each session. Organizations can also execute commands – like initiating security alerts – in near real-time when a risky command is observed. Additionally, Safeguard serves as a proxy, inspecting application-level protocol traffic and can reject any traffic in violation of that protocol to shield the organization against attacks. 

One Identity uniquely offers native support for recording and monitoring SQL Server and Azure SQL Database environments, meaning organizations can leverage their existing database tools and processes to access SQL environments. This eliminates the need for organizations to increase security without changing the way users gain access to SQL environments. 

“Due to the critical data stored in SQL environments both on-premises and in the cloud, ensuring only authorized users get access is critical to data protection” said Wisam Hirzalla, senior director, Azure Marketing at Microsoft Corp.  “One Identity Safeguards monitoring capabilities work natively with both SQL Server on-premises and Azure SQL Database to ensure only authorized users gain access.” 

To learn more, visit: https://www.oneidentity.com/products/one-identity-safeguard-for-privileged-sessions/ 

*Source: Gartner Magic Quadrant for Operational Database Management Systems, November 2019. 

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. 

About One Identity
One Identity, a Quest Software business, lets organizations achieve an identity-centric security strategy with a uniquely broad and integrated portfolio of identity management offerings including AD account lifecycle management, identity governance and administration and privileged access management. One Identity empowers organizations to reach their full potential, where security is achieved by placing identities at the core of the program to enable proper access across all user types, systems and data. One Identity and its approach is trusted by customers worldwide, where more than 7,500 organizations worldwide depend on One Identity solutions to manage more than 125 million identities, enhancing their agility and efficiency while securing access to their systems and data – on-prem, cloud or hybrid. For more information, visit http://www.oneidentity.com


Media Contacts
Andrea Ipolyi
One Identity Global PR
+36 1 398 6700

Molly Hanrahan
Highwire PR

Related Content