Data Access Manager

Securing Data Access with logging, policy enforcement, and real time data masking.

Ironsphere’s Data Access Manager secures data access with logging, policy enforcement, and real time data masking. It isolates privileged user sessions (such as DB admins) and secures access, controls changes, and logs all privileged user activities on sensitive data sources, such as databases and file transfer servers.

The agentless, man-in-the-middle approach of Session Manager eliminates the need of software agents to be deployed on target systems or user computers.

Ironsphere’s Data Access Manager supports a wide range of data sources, including Oracle, MSSQL, MySQL, Teradata, Cassandra and Hive, among others.


  • All queries are logged indisputably. Users authenticate with their own credentials even if there is no such DB user, so the real user who is running a query is known and logged.
  • Sensitive data is manipulated and delivered to applications or users in a way that is no longer sensitive, but still coherent and usable.
  • Discovers sensitive data such as credit card or personal ID numbers residing in Database and Big Data servers.
  • Policies (DB masking rules) can be assigned to users’ and applications’ accounts easily and instantly.
  • Managing or limiting access to certain database objects for certain users based on a need-to-know principle.
  • Eliminates weak and non-expiry passwords. Disables inactive accounts.
  • Accounts can be limited timewise (hours of day, day of week, etc.).
  • Has almost no performance degradation impact on target databases.
  • Users continue to use their favorite clients, such as toad.
  • Real-time tracking of user actions and changes made to databases.
  • Protection against external data breaches and accidental data leaks.
  • Securing access and standardizing Data Auditing across all SQL or NoSQL databases.