Database software platforms typically integrate basic audit capabilities but they often suffer from multiple weaknesses that limit or preclude deployment. This articles explains some of the major factors that would prevent the deployment of data audit in many business organizations as highlighted below:
1. Lack of User Accountability
When a user uses a web application to access a database, the native audit mechanism have no awareness of specific user identities. Because of this user activity is associated with the web application account name. Therefore, when native audit logs reveal fraudulent database transactions, there is no link to the responsible user hence one can use someone else account to do wrong and not be found.
2. Performance Degradation
Native database audit mechanisms are notorious for consuming the CPU and disk resources. When there is so much resource consumption there is reduction in performance hence slowing down most organizations projects. Most organizational managers are very cross with their projects hence they tend to want the results in time. Because of this, most organizations tend not to deploy the use of data audit as it seem not to be good for business.
3. Separation of Duties
Many users with administrative access (whether legitimate or maliciously obtained) to see privilege information on database server can simply turn off auditing to hide fraudulent activity. Because of this great misunderstanding, auditing of what is happening on the database should be separated. That is having both database administration and the database server platform. In this way it will avoid conflicting with the users ensuring one has some level of privacy.
4. Limited Granularity
Many native audit mechanism do not record details necessary to support attack detection, forensics and recovery of information. For example, database client application, source IP addresses, query response attributes and failed query which are very important attack reconnaissance indicator and are not recorded by many native audit mechanisms. This reduces deployment of data audit in many organizations as they tend not to see any major use if it does not aid in protection of the databases.
Audit mechanism are unique to database server platform. This comes as a disadvantage for most organizations who tend to use a mixed database servers platforms. Because of this they have to deploy different audit mechanism for each database server platforms they are using. This can be expensive on most organizations, hence they always tend not to deploy a data audit mechanism to each and every database server platform they are using.
It is clear that most organizations do not tend to see the importance of using data audit mechanism. It seems that most of their reasons are justified but before we write off the use of data auditing it also has advantages and its use is of great importance to the organization and writing it off will definitely be a great mistake.
Most of the database server platforms have definitely put all the above concerns into consideration and are definitely providing a better services that will conform to the grievances of many organizations. Hence providing better protection of the database.