In order to ensure our organization’s controls over its system relevant to security, availability, processing integrity, confidentiality, or privacy SQLGrease is SOC2 compliant. SQLGrease is audited for SOC2 compliance by a third party. Contact us to request our compliance report.
SQLGrease can function with a minimal set of permissions to your database. VIEW SERVER STATE and VIEW ANY DEFINITION are the only required permissions for SQLGrease to collect (VIEW DATABASE STATE for Azure SQL Database). These permissions prevent SQLGrease from having the ability to read any data. These permissions only allow access to diagnostic information.
In the case that queries in your database are not parameterized SQLGrease will sanitize (mask) any queries that have constants in them. Additionally this logic is applied to deadlock graphs as well as execution plans. Execution plans are examined for constants and parameter compiled values to ensure no data is leaked. This process occurs prior to any data leaving your data center. Click here to download a detailed description of this.