Monitoring SQL Server Security: What’s Required?

A characteristic theme of all the current legislation on the responsible curation of data is that there should be a system for continuously monitoring and analyzing database activity in real time. This Database Activity Monitoring (DAM) system must detect anyone, inside or outside the organization, accessing or tampering with information in any database-driven application that handles personal, financial, HR, or other business data.

The monitoring system will collect metrics such as syntax errors, denials of access, permission changes and unusual access patterns, then aggregate them and report on them. Although this sort of database security monitoring is part of the broader activity of database auditing and real-time protection, it is quite separate from, and independent of, any defensive techniques to prevent an attack. The aim is to be immediately aware of whether this layer of defense has been avoided, sidestepped, or penetrated, and to detect any unusual activity on the server, including database read and update activity, changes to server or database settings, and permission changes.
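As an added illustration (not code from the original article), the following T-SQL sketches how two of the metrics named above, syntax errors and denials of access, can be collected with an Extended Events session and then aggregated per login and client host. The session name `SecurityMonitor_Example` and the choice of error numbers are assumptions made for this example.

```sql
-- Added example: the session name and the error-number list are assumptions.
CREATE EVENT SESSION [SecurityMonitor_Example] ON SERVER
ADD EVENT sqlserver.error_reported (
    ACTION (sqlserver.client_hostname,
            sqlserver.client_app_name,
            sqlserver.server_principal_name,
            sqlserver.database_name,
            sqlserver.sql_text)
    WHERE ([error_number] = (102)     -- incorrect syntax near '...'
        OR [error_number] = (105)     -- unclosed quotation mark
        OR [error_number] = (156)     -- incorrect syntax near keyword
        OR [error_number] = (229)     -- permission denied on object
        OR [error_number] = (230)     -- permission denied on column
        OR [error_number] = (18456))  -- login failed
)
ADD TARGET package0.ring_buffer (SET max_memory = (4096))  -- size in KB
WITH (STARTUP_STATE = ON);  -- restart the session with the instance
GO
ALTER EVENT SESSION [SecurityMonitor_Example] ON SERVER STATE = START;
GO

-- Aggregate the captured events: who is generating which errors, and how often.
WITH buf AS (
    SELECT CAST(t.target_data AS xml) AS x
    FROM sys.dm_xe_sessions AS s
    JOIN sys.dm_xe_session_targets AS t
      ON t.event_session_address = s.address
    WHERE s.name = N'SecurityMonitor_Example'
      AND t.target_name = N'ring_buffer'
), ev AS (
    SELECT
        e.n.value('@timestamp', 'datetime2') AS event_time_utc,
        e.n.value('(data[@name="error_number"]/value)[1]', 'int') AS error_number,
        e.n.value('(action[@name="server_principal_name"]/value)[1]',
                  'nvarchar(128)') AS login_name,
        e.n.value('(action[@name="client_hostname"]/value)[1]',
                  'nvarchar(128)') AS client_host
    FROM buf
    CROSS APPLY buf.x.nodes('/RingBufferTarget/event') AS e(n)
)
SELECT error_number, login_name, client_host,
       COUNT(*)            AS occurrences,
       MIN(event_time_utc) AS first_seen_utc,
       MAX(event_time_utc) AS last_seen_utc
FROM ev
GROUP BY error_number, login_name, client_host
ORDER BY occurrences DESC;
```

The ring buffer is held in memory and is lost on restart, so an `event_file` target is the usual choice when the events need to be retained. Permission changes are not raised as errors and are not covered by this session.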