Achieve Compliance and Reduce Risk

User Rights Management for Databases Specifications

  • Virtually every regulation has requirements to manage user rights to sensitive data. Complying with these requirements is one of the most difficult tasks to carry out effectively, despite built in database controls. User Rights Management for Databases (URMD) helps you establish an automated access rights review process to eliminate excessive user rights. It also enables you to demonstrate compliance with regulations such as SOX and PCI DSS. URMD lowers IT labor costs associated with database user access management.

    Key Capabilities

    • Streamline User Access Compliance

      URMD allows you to easily demonstrate an automatic, repeatable process for reviewing access rights, which is a requirement of regulations like SOX 302 and 404, and PCI 7 and 8.5. URMD includes a workflow framework to support user rights review and authorization processes.

    • Save Time by Automatically Connecting the Dots

      Discover the information you need to reduce the risk of unauthorized data access without spending countless hours attempting to do it manually. URMD automatically correlates user rights with information about data sensitivity, quickly clarifying important relationships.

    • Discover and Remove Excessive Access and Dormant Users

      Hackers look for easy opportunities to access sensitive data. User accounts with a lot of access to data are valuable targets because they provide a lot of leverage. So are dormant user accounts because suspicious activity, such as unexplained changes, go unnoticed by the account owner. With URMD, you are able to reduce the chance of a security breach by identifying users with excessive access rights, as well as dormant user accounts.

  • Specification Description
    Supported Database Platforms
    • Oracle
    • Oracle Exadata
    • Microsoft SQL Server
    • IBM DB2 (on LUW)
    Centralized User Rights Management
    • Aggregates user rights across all corporate databases into a single repository for centralized management
    Access Rights Review
    • Enables automated, repeatable process for reviewing user access rights
    Excessive User Rights Analysis
    • Supports comprehensive investigation of excessive
    • User rights
    LDAP integration
    • Add user organizational details (role, department, manager, etc.) to help validate access base on 'need-to-know'
    Pre-defined reports
    • Canned reports show effective user rights, permission grants, role grants, unapproved rights and unused rights
    Compliance Reports
    • Compliance Report streamline reporting on user access rights to sensitive data. User Rights Change Log demonstrates the existence of a user rights review process.
    Custom Reports
    • Custom reports can be easily created to document analysis results
    Authorization Workflow
    • Authorize or request to revoke user access rights based on analysis results
    • Add on option to all SecureSphere Database Security product platforms including virtual platforms
    Licensing Options
    • Time based licenses: expire 30 days after activation
    • Perpetual licenses: no expiration date
    When integrated with Database Activity Monitoring or Database Firewall:
    Rights usage Analysis
    • See how often user rights are used and last usage date
    Dormant Rights
    • Find users who haven’t used their privileges for a while
    Dormant Accounts
    • Shows the last time an account has been active on the database