Since the first release of cloud.sentryone.com, one of the most frequently asked questions has been, "How secure is my data?" With all the stories in the news recently regarding cyber-hacking, information stealing, and data security, I thought it was time to create a good primer on cloud security as it relates to our service. To start, let me just say that we have gone to great lengths to protect your data and, even more importantly, to give you the tools to protect your data yourself.
To begin with, SQL Sentry never does anything with the data stored in your local repository unless you first provide explicit permission. All data that is on-premise remains on-premise until one of your SQL Sentry administrators decides to activate cloud sync. Activating cloud sync requires the SQL Sentry administrator to create an account from within the client software.
I will drill deeper into each of the following topics, but at a high level these are the security features provided by SQL Sentry for cloud data synchronization:
- User Security – Data can only be uploaded by a SQL Sentry administrator
- Data Selection – User has complete authority over which computers and connections to sync, and may alias them to obfuscate or simplify the names
- Category Selection – User has the ability to enable/disable syncing of various data categories
- Synchronization – Compressed and encrypted data is sent to cloud.sentryone.com through the use of a custom service designed for speed and security
- Cloud User Restrictions – The database owner determines which data is shared from cloud.sentryone.com through the use of built-in SQL Sentry security
While I briefly touch on some of the "how-to"s in this post, I'm purposely leaving out a lot of the details on how to accomplish the tasks in SQL Sentry so I can focus more on the purpose of each function as it relates to security. If you would like to learn more about SQL Sentry, or about cloud.sentryone.com in general, I suggest you link over to our web page and give the Demo Account a try, or hit our online help for more instruction.
You can register for cloud synchronization directly within the SQL Sentry Client. In the navigator, go to Monitoring Service -> and double-click cloud.sentryone.com:
If you haven't already set up synchronization, you should see this screen:
Press the "Configure Sync" button, and you will be presented with this form:
You can register using an existing cloud.sentryone.com account, or you may create a new one.
Now that you have an account, select which data you would like to have synchronized to cloud.sentryone.com. Return to the configuration screen for cloud.sentryone.com under the Monitoring Service tab of the Navigator to make the selections for which servers and data categories you are interested in syncing to the cloud. If you have multiple servers, each will be listed, along with all of their watched connections. You may select any or all servers to be synced by clicking the Enabled checkbox on the Configuration grid. Alternatively, you can right-click on the grid and use the context menus to Enable/Disable Computers/Connections as a group.
Computer and Connection names may be aliased to prevent exposing names of servers in your organization. You can type in your own aliases or you can click the Generate Aliases button and let SQL Sentry give each Computer and Connection a generic name. However, we suggest providing names that are meaningful based on their function in your enterprise. In addition, you may choose to not include Logins and Host Names in your synced data by unchecking this option on the configuration Preferences panel.
To provide additional granularity for the data you upload, you may drill into the connection and Enable/Disable data upload for Top SQL, Blocking SQL or Deadlocks. We provide these options because, depending on the data collected by our monitoring service, there may be queries that appear in these categories of data which could contain SQL Server object names and/or logic which you prefer not to expose outside of your organization. Keep in mind that we currently only collect this data to make reports available from the cloud more meaningful, so if you choose not to upload it, you will not lose any of the cloud performance information.
Note: Regardless of what sub-systems are disabled, performance metrics and Custom Condition data will always be synchronized for connections that have cloud syncing enabled.
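The selection rules above (enabled connections, aliases, optional categories, the Logins and Host Names preference, and metrics that always sync) can be modelled as a pre-upload filter. This is an added example, not SQL Sentry code: the record fields, category keys, server names and the assumption that aliasing does not rewrite query text are all constructed for illustration.

```python
import json

# Category keys and record fields are assumptions made for this example.
OPTIONAL = {"top_sql", "blocking_sql", "deadlocks"}            # toggled per connection
ALWAYS_SYNCED = {"performance_metrics", "custom_conditions"}   # sent whenever sync is on

# Constructed configuration: one connection synced under an alias, one kept on-premise.
CONFIG = {
    "include_logins_and_hosts": False,
    "connections": {
        "SQLPROD01": {"enabled": True, "alias": "Billing-Primary", "categories": {"deadlocks"}},
        "SQLHR02": {"enabled": False, "alias": "HR-Primary", "categories": set()},
    },
}

# Constructed monitoring records standing in for the local repository.
RECORDS = [
    {"connection": "SQLPROD01", "category": "performance_metrics", "cpu_pct": 71, "host_name": "APP07"},
    {"connection": "SQLPROD01", "category": "top_sql", "text": "SELECT * FROM Payroll.Salaries", "login": "svc_pay"},
    {"connection": "SQLPROD01", "category": "deadlocks", "text": "UPDATE [SQLPROD01].Billing.dbo.Invoice SET Paid = 1", "login": "svc_bill"},
    {"connection": "SQLHR02", "category": "performance_metrics", "cpu_pct": 12},
]

def filter_for_sync(records, config):
    """Return only the records, and only the fields, that the configuration allows out."""
    out = []
    for rec in records:
        conn = config["connections"].get(rec["connection"])
        if conn is None or not conn["enabled"]:
            continue                      # connection not selected for sync
        cat = rec["category"]
        if cat in OPTIONAL:
            if cat not in conn["categories"]:
                continue                  # optional category disabled for this connection
        elif cat not in ALWAYS_SYNCED:
            continue                      # unknown category: fail closed
        clean = dict(rec, connection=conn["alias"])   # replace the real name with its alias
        if not config["include_logins_and_hosts"]:
            for field in ("login", "host_name"):
                clean.pop(field, None)
        out.append(clean)
    return out

def find_leaks(payload, real_names):
    """List real connection names that still appear anywhere in the outgoing payload."""
    blob = json.dumps(payload).lower()
    return sorted(name for name in real_names if name.lower() in blob)

if __name__ == "__main__":
    payload = filter_for_sync(RECORDS, CONFIG)
    print(json.dumps(payload, indent=2))
    print("real names still present:", find_leaks(payload, CONFIG["connections"]))
```

In this model the aliased payload still contains `SQLPROD01` inside the deadlock query text, which is the kind of exposure the per-category switches exist to control.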
Once you have configured SQL Sentry for cloud synchronization, your last step is to enable it. Do this by clicking on the toggle button. By default, your data will be sent to the cloud every minute, but you may change this frequency if you desire.
The synchronization process is handled by the SQL Sentry monitoring service. A secure channel is created between your on-premise location and our cloud servers. This connection is made over HTTPS using a secure certificate. Data is highly compressed and encrypted, so in the unlikely event that it would somehow be intercepted, the encryption and compression would make it nearly impossible to decipher. Finally, we use protocol buffers to send the data from your location to the cloud to keep the process lightweight and very fast.
The main purpose for sending your data to the cloud is to allow other users to see and understand what is happening in your environment. There are many ways to do this in our cloud application, but from a security standpoint, we want to make sure users you share your information with see only what they are intended to see. For this reason, we fully respect all the security you may have created in SQL Sentry by using Rights-Based Security for Contacts in your on-premise database. To share data with another user in the cloud, the database owner must log in and go to the Server Details area of the cloud, and then to Settings. From there, type in an email address and, if the user you are sharing with is an existing SQL Sentry Contact, you may select them from the "Link to SQL Sentry Client User" dropdown list and associate them accordingly. When the user creates their account and logs in, they will only be able to see the data for any computers and connections which they have access to in the on-premise client software.
cloud.sentryone.com has been a work in progress since 2012, and we have taken many steps to build an infrastructure that is sound and secure. Much like constructing a skyscraper, we spent a lot of time assembling a foundation before we had progress taking place "above ground." We have built many layers of security and feel extremely confident in our ability to protect your data and let you decide how and with whom it is shared.