Privileged Access Management (PAM) Solution for Database

Easily control, monitor and record access to your server and database sessions.

Why You Need Privileged Access Management for Your Database

Implement Least-Privileged Access Policy

Control how employees access your data and ensures they only have the necessary levels of data access to do their job.

Identify Malicious or Accidental Activities

Monitor server and database sessions to identify both insider and external threats, or accidental misuse of data.

Improve Regulatory Compliance

Records data access sessions and activities that can be easily audited for regulatory compliance or for internal purposes.

A More Secure Approach to PAM

Traditional PAM solutions manage privileged account passwords centrally, usually in an encrypted vault. The problem is that passwords are inherently insecure, and those passwords are shared with people with privileged access.

Instead of passwords, Mamori PAM (M4PAM) verifies privileged access by identity. That means users can use their same login credentials, but further secured by two factor authentication (2FA) and single sign-on (SSO).

PAM for Database Access, Data Visibility, and Data Operations

Privileged Access Management should extend to all your resources, especially to where your critical data is stored – your databases and the tables inside. Mamori allows you to control who has access, what they can see, and what they can do with your data.

WITHOUT MAMORI

  • No web app protection (Synapse)

  • All access via Direct IP access

  • DBA must manage accounts & permissions across many databases

  • Disabling a directory account does not auto remove DB access

WITH MAMORI M4PAM

  • Auto on-boarding & off-boarding

  • Connection policies

  • Permission policies

  • Statement policies

  • Masking policies

  • Recorded session

  • SQL Firewall


Enforce Database Access Controls

People should have different levels of access to the database, depending on their job function. Mamori allows you to control which authorized users have access to what data.

  • Role-based Least-Privileged Access – Define what roles or groups have access to database with the minimal level of access.

  • On-Demand Elevated Permissions – Grant elevated privileged access based on an as-needed basis. Access can be limited by time-frame or on individual basis.

  • SSO & 2FA for Direct Database Access – Use zero-trust approach to ensure the identity of the user who’s accessing the database.

Control Data Operations

Depending on role, some people should have permission to edit or delete data, while others can only view data. Mamori enables you to control what they can do with your data.

  • Access Control by SQL Commands – Allow or block the ability to run SQL commands, or restrict by specific types of SQL command.

  • Access Control by Executable – Allow or block specific or all executable operations within the environment they have access to.

Control What Data Can Be Seen

Sensitive data, such as personally identifiable information, should be masked to protect the individual and for regulatory compliance. Mamori gives you control over what data can be seen for privileged users.

  • Access Control by Tables, Columns or Rows – Control who has access to certain tables, and further defining what rows or columns they can see.

  • Dynamic Data Masking – Obfuscate data so it has little to no value to unauthorized individuals who has access to those data rows or columns.

  • Multiple Policies per Table – Each table can be controlled by multiple rules, including what those with access can do with those tables.


Mamori Database PAM works with Existing PAM Solutions

via Jumpbox or Direct

Protected Databases

Implement Mamori’s PAM in 3 Simple Steps:

  1. Deploy a Mamori Server – Install Mamori in one of your servers, whether on-premise or cloud. No agents. No changes to servers, directories, or databases required. Setup an admin account and configure 2FA and alert settings.

  2. Integrate with Existing Directory or Create New Identities – Your existing directory and access settings can be easily rolled over.  

  3. Define Access Controls – After defining roles and identities, configure what these roles can access and what they can do with those data. 

Start Controlling Access to Your Servers, Databases and Data

Are you a small business?

Get Mamori’s Free PAM Solution that extends to the database.