What is SuperGovernance?

SuperGovernance is a component of Smart System Management that helps the business ensure that a company’s security policies are being strictly enforced by the DBAs.

Customers can monitor the database access controls, or permissions, that have already been implemented, and check whether someone is trying to do things they shouldn’t be doing.

Why Do You Need It?

Companies are under a lot of pressure to ensure that their sensitive data is secure. Smart Governance provides an additional level of security to address, among other things:

1. Increased regulatory and compliance requirements, where it can support some business processes in complying with regulatory obligations, such as the General Data Protection Regulation (GDPR) in Europe, or Sarbanes-Oxley in the US.

2. Unintentional breaches – situations where DBAs grant access to sensitive data in error, or users unknowingly access sensitive data.

3. Bad actors – where disgruntled or dishonest employees, or a third party, act suspiciously or maliciously by accessing sensitive data in contravention of the company’s security policies.

How Does It Work?

The tool allows customers to define the criteria they want detected and reported on.

It is a flexible framework that uses configurable parameters to customise these events, their frequency, and method of alerting. To detect that a criterion has been met, it interrogates system tables and logs. The timing of the alerts, which can be via email or a messaging app, will depend on how frequently the system tables are updated but can occur in near real time.

Alerts can be directed to DBAs, and/or to any manager such as the Chief Security Officer or their team to ensure that the appropriate follow-up actions are taken.

Examples Of How It Can Be Used

Some examples of how this feature can be used are:

  • Sending a notification when an unauthorised action is detected, such as:
    • when a user tries to insert, update or delete records of a restricted table without the required permissions
    • when an unauthorised person tries to log in to the system
  • Sending periodic reports showing unusual activity, such as:
    • updates to a restricted database that haven’t been done by the ETL service account
    • queries run against a restricted database that are not from authorised BI accounts
  • Helping the business to conform to some GDPR requirements, such as:
    • reporting who is accessing specific customer data
    • identifying potential data breaches
  • Ensuring the DBAs are setting database permissions strictly in accordance with company security policy. In this regard, the module can work in conjunction with SMF’s LDAP Synchronization functionality.


