Where Manageability and Security Meet for a Common Goal
The database manageability experience is in constant evolution. Not only because of new cloud consumption models but also with managed databases where the end customer is delegating the database administration tasks. This delegation may be to another group within the company, or to HPE GreenLake Managed Services (GMS) or other managed services providers (MSP) including in the public cloud. For many customers, this raises security concerns. Is my data still confidential? In what countries does it travel exactly? Am I losing security governance? How do I trust this new partner with my data? And if a security breach does happen, what are my options to ensure accountability? What do I need to do to achieve the same security level as when the database was in my own datacenter?
Clearly, this transformation calls for absolute security on both the manageability layer and of course the underlying database where the mission-critical data exists such as for payment processing or healthcare records. For example, auditing may ease your mind by allowing you to identify any unwanted action that has been performed. Role-Based Access Control may greatly facilitate the setup of a “service” account that cannot access data yet maintain the database environment up and running.
But the other key element to realize is how some of those features are required not just for security purposes but also because of the new consumption models and the explosion of user-profiles managing the database. It is one of the first discoveries you make when you look at implementing something like database-as-a-service (DBaaS). In a DBaaS environment, end-users deploy their own semi-virtual database in a self-service fashion. Commonly referred to as tenants, they oversee their mini replica of a database instance but with a simplified set of generic database functions. In another scenario, like a managed database, even if you do not use multi-tenancy, you may need another group to service your database, so yet another profile type that is not your typical, highly powered DBA. And beyond DBaaS, analytics calls for more new profiles such as data scientists creating new data products. At this point, it becomes obvious that database management is a very different task depending on who you are.
The good news is that setting up those profiles for management purposes goes hand in hand with setting up your security correctly. The concept of zero trust starts with assigning the functions one role requires to do their job and nothing more. With a feature like RBAC, you decide who does what. And if you also centralized all the management activities in a single-entry point (using SQLXPress) then your security setup is applied all at once. And by the way, you are still using the same tool you were using in your data center that has been supported and enhanced for many years. All it requires is to be launched remotely, get through a single opened port in the firewall, and possess the security features that the new environment demands.
SQL Database Management that is Modern and Secure
For HPE NonStop SQL, SQLXPress from XYPRO is the most secure and functional NonStop SQL database management solution. Consider SQLXPress the Microsoft SQL Management Studio for SQL/MX. SQLXPress comes with a comprehensive set of security controls, which include:
- Multi-Factor Authentication
- Access Control
- Session Encryption
- Code Integrity
By prompting users for a second factor, SQLXPress supports multi-factor authentication (MFA), a PCI-DSS, and GDPR requirements. When combined with XYGATE User Authentication (XUA), (included with every HPE NonStop server), you’re not only up to date with the most recent PCI DSS 4.0 MFA compliance requirements, but also with the advice of absolutely every security expert. Multi-factor authentication is an absolute must!
Set the level of audit data collected by the audit subsystem. The SQLXPress audit subsystem logs users’ actions and stores detailed information such as date and time, user logon name, PC device identification, SQL statement text, SQL parameter values, outcome details, and much more.
Through XYGATE Merged Audit (XMA), (also included with every HPE NonStop server), audit trail data is integrated with analytics solutions such as SPLUNK. A comprehensive set of audit reports is available, ranging from activity summaries to individual detailed actions. Reports can be filtered based on the time of day, the user, the device, and the SQL object name.
Audit data provides answers to questions like:
- Who accessed or changed the data?
- Which device was used to make the change?
- Who attempted to execute an unauthorized command?
Effective troubleshooting requires audit data. It provides diagnostic information and other access data for troubleshooting errors and permission issues. Every HPE NonStop server includes XMA. Furthermore, an XMA plugin integrates SQLXPress audit data directly into XMA, enabling sophisticated audit reporting and alerting for all NonStop SQL activity. Simply send that audit data to your enterprise analytics tools, such as SPLUNK or QRADAR, and NonStop database security is integrated into your overall enterprise security program.
NonStop SQL includes access control by default. SQLXPress extends these standard access control features by giving users more granular control over the actions they can perform and the SQL objects they can access from within SQLXPress.
Role-Based Access Control
SQLXPress, like all XYPRO software, supports a role-based access control model:
- Permissions are granted to roles to perform activities
- Users are assigned to roles
- Roles may be limited to a specific “environment” (an environment is a collection of specific SQL objects)
- Access and activity requests are subject to authorization checks.
Access control is tailored to the organization’s requirements.
Separation of Duties
The Security Administrator is in charge of configuring and managing the SQLXPress security subsystem, including auditing and access control through a familiar user interface.
To really appreciate SQLXPress access control let’s look at some use cases:
Use Case 1: Command Restriction
NonStop SQL gives the owner of a SQL object, such as a table or a view, the ability to perform any DDL or utility operation on the object. SQLXPress access control improves on this by allowing restrictions to be applied to individual operations.
Many commands, such as Update Statistics and Split Partition, are part of a DBA’s routine duties. They should be performed on an ongoing basis by the DBA.
However, some operations, such as Purge Data, Drop Table, or Disable Trigger, are not required for normal database operations and can have disastrous consequences if performed inadvertently. During normal use, SQLXPress access control allows these potentially dangerous commands to be “locked down.” When the DBA needs to run a locked-down command, the Security Administrator temporarily grants the command permission. The security administrator revokes permission once the command has been completed.
Use Case 2: Data Access Restriction
NonStop SQL allows the table’s owner to view and modify the data stored in the table. SQLXPress access control can be used to restrict the owner’s data access while still allowing the owner to manage the table.
SQLXPress security controls allow the owner to be prevented from changing data and even from viewing data.
Use Case 3: Restrictions on Database Visibility
SQL metadata is a rich source of information about the system’s databases. It contains information such as table and column names, security settings, data validation rules, and much more. Most organizations will want to restrict SQL metadata access to only authorized users.
NonStop SQL/MX, on the other hand, secures SQL metadata for public read access. This means that any SQL/MX user on the system has access to information about all of the databases on the system. Metadata in SQL/MP is secured per catalog.
The SQLXPress access control feature allows the Security Administrator to define one or more “environments” on a system to enable database visibility restrictions. An environment restricts the view of SQL objects on a system. The user is only shown objects that have been registered in an environment.
By assigning a user a role for an environment, the Security Administrator can limit the SQL objects that are visible to him. To use SQLXPress, the user must first open an environment and can only work with SQL objects registered in that environment.
Furthermore, a user can be assigned to multiple environments and even assigned a different role in each of those environments. For example, in the DEV ATM environment, user DEV.JOHN can be assigned the role of Senior DBA and the role “Guest” in the QA ATM environment.
SQLXPress is the leading solution for managing HPE NonStop SQL databases, with the most comprehensive set of features and full support for both NonStop SQL/MX, SQL/MP, and NonStop SQL Cloud Edition. HPE NonStop SQL databases are used to store highly sensitive and private data. Customers expect their database engines and database management tools to provide comprehensive security in an increasingly security-conscious world that includes new consumption models, and SQLXPress delivers.