ABSOLUTE DATA EXCELLENCE
ABSOLUTE DATA EXCELLENCE
South Africa's breach record tells a consistent story – and it leads to the database layer.Key Takeaways The extraction point, not the entry point - Security investment concentrates on the perimeter and the endpoint, but the data leaves from the database – the one...
Prepare for the SQL Server 2025 era with a sequenced strategy for modernisation, optimisation, and protection across architecture, operations, and enterprise risk.Key Takeaways SQL Server 2025 should be approached as the start of a broader platform era, not simply...
Explore how SQL Server 2025 strengthens enterprise security through enforced secure defaults, identity integration, encryption, and governance assurance across hybrid environments.Key Takeaways SQL Server 2025 shifts enterprise security from optional hardening to...
South Africa's breach record tells a consistent story – and it leads to the database layer.Key Takeaways The extraction point, not the entry point - Security investment concentrates on the perimeter and the endpoint, but the data leaves from the database – the one...
Prepare for the SQL Server 2025 era with a sequenced strategy for modernisation, optimisation, and protection across architecture, operations, and enterprise risk.Key Takeaways SQL Server 2025 should be approached as the start of a broader platform era, not simply...
Explore how SQL Server 2025 strengthens enterprise security through enforced secure defaults, identity integration, encryption, and governance assurance across hybrid environments.Key Takeaways SQL Server 2025 shifts enterprise security from optional hardening to...
Explore how SQL Server 2025’s built-in intelligence helps organisations optimise performance, gain deeper insight, and reduce data-platform complexity.Key Takeaways SQL Server 2025 shifts optimisation from a reactive activity to an intelligence-driven discipline....
Still paying Microsoft for Azure by credit card? Discover why finance and IT leaders prefer the CSP model for predictable billing, built-in partner support, cost optimisation, and long-term value.Key Takeways Credit card billing creates risk - Failed or expired...
On July 9, 2024, support for SQL Server 2014 ended. That means the end of regular security updates. Don't let your infrastructure and applications go unprotected. We're here to help you migrate to current versions for greater security, performance and innovation.We've...
On July 12, 2022, support for SQL Server 2012 ended. That means the end of regular security updates. Don't let your infrastructure and applications go unprotected. We're here to help you migrate to current versions for greater security, performance and...
Still paying Microsoft for Azure by credit card? Discover why finance and IT leaders prefer the CSP model for predictable billing, built-in partner support, cost optimisation, and long-term value.Key Takeways Credit card billing creates risk - Failed or expired...
On July 9, 2024, support for SQL Server 2014 ended. That means the end of regular security updates. Don't let your infrastructure and applications go unprotected. We're here to help you migrate to current versions for greater security, performance and innovation.We've...
On October 10, 2023, support for Windows Server 2012 and 2012 R2 ended. That means the end of regular security updates. Don't let your infrastructure and applications go unprotected. We're here to help you migrate to current versions for greater security, performance...
On July 9, 2019, support for SQL Server 2008 and 2008 R2 will end. That means the end of regular security updates. Don't let your infrastructure and applications go unprotected. We're here to help you migrate to current versions for greater security, performance and...
As the year draws to a close, we would like to express our appreciation to our clients, partners, and colleagues for the trust and collaboration that have defined the year. We wish you and your teams a restful festive season and a successful year ahead, and we look...
Microsoft SQL Server 2025 marks an important shift in how organisations modernise, optimise, and protect their data platforms. As data estates become more hybrid, more intelligent, and more tightly governed, SQL Server 2025 is no longer just another upgrade cycle. It...
Standardised pricing will replace Microsoft’s long-standing tiered discount model - prompting many organisations to review the CSP programme for its cost savings, licensing flexibility, and simplified management.Microsoft Tiered EA/MPSA Pricing Ends Microsoft will...
As the year draws to a close, we would like to express our appreciation to our clients, partners, and colleagues for the trust and collaboration that have defined the year. We wish you and your teams a restful festive season and a successful year ahead, and we look...
Microsoft SQL Server 2025 marks an important shift in how organisations modernise, optimise, and protect their data platforms. As data estates become more hybrid, more intelligent, and more tightly governed, SQL Server 2025 is no longer just another upgrade cycle. It...
As we wrap up the year, we’d like to extend our sincere thanks to our clients, colleagues, and partners for your continued trust and support. We hope the festive season brings you the chance to slow down, recharge, and enjoy time with family and friends. Warm wishes...
Facing platform ‘end of life’ issues together with increasing pressures to digitise processes, increase profitability and innovate on product and service, organisations are finding Data Platform Modernisation projects can deliver significant value by enabling IT cost...
First Distribution’s Database Administration, Security and Compliance needs lead it to trusted advisor, Ascent Technology. For any large organisation, Database Administration (DBA) is a vital part of maintaining their Data Platform Operations effectively. As it has...
When Bidfood SA chose to modernise and migrate its data platform to Microsoft Azure, it turned to Ascent Technology for help. In a world that is digitally transforming, it is more vital than ever to an organisation’s success to utilise the latest platforms to drive...
A Windows Server and SQL Server consolidation, optimisation and migration to Microsoft Azure enables the company to reduce costs, modernise its data platform and boost its innovation capabilities. As an operator running two distinct betting businesses, Phumelela...
First Distribution’s Database Administration, Security and Compliance needs lead it to trusted advisor, Ascent Technology. For any large organisation, Database Administration (DBA) is a vital part of maintaining their Data Platform Operations effectively. As it has...
When Bidfood SA chose to modernise and migrate its data platform to Microsoft Azure, it turned to Ascent Technology for help. In a world that is digitally transforming, it is more vital than ever to an organisation’s success to utilise the latest platforms to drive...
Microsoft Azure Data Platform Services not only boosts the company’s DR facilities, it also helps them deliver value-added services and innovative strategic solutions to its customers. In a digitising world, it comes as no surprise to learn that Compatible Automotive...
Ascent Technology assists Rand Mutual Assurance (RMA) with modernising its Windows Server and SQL Server, Azure Based Data Platform Architecture, ensuring Agility and Flexibility to cater for the company’s increased workloads. RMA is South Africa’s leading...
Ascent Technology continues its strong showing in the Microsoft Partner of the Year awards, as a finalist in the Data and Analytics Partner of the Year award.Finalist Data and Analytics Partner of the Year "It is always gratifying to be recognised by Microsoft as one...
Ascent Technology continues its strong showing in the Microsoft Partner of the Year awards, as a finalist in the Data and Analytics Partner of the Year award.Finalist Data and Analytics Partner of the Year "It is always gratifying to be recognised by Microsoft as one...
Ascent Technology continues its strong showing in the Microsoft Partner of the Year awards, as a finalist in the Data and Analytics Partner of the Year award.Finalist Data and Analytics Partner of the Year "It is always gratifying to be recognised by Microsoft as one...
What makes this pattern consistent across sectors and incident types is not the method of attack. It is the gap it exploits – the governance deficit at the database layer. Security budgets concentrate on the perimeter. The database, where the data lives, carries no active monitoring or access governance in most environments.
South Africa’s regulatory environment has caught up with the risk. The Information Regulator has moved from advisory guidance to active enforcement. POPIA administrative penalties of up to R10 million are available under the enforcement regime. The mandatory breach reporting portal has been in operation since April 2025. The direction of travel is toward less tolerance, not more.
In this environment, the question is not whether database security matters. It is whether the governance currently in place is adequate.
Most enterprise security architectures are designed around the perimeter. When that line is crossed – through a stolen credential, an unpatched vulnerability, or a misconfigured environment – the database is frequently left unmonitored and ungoverned.
South Africa’s breach record reflects this gap with consistency. Client databases accessed without authorisation. Subscriber records exfiltrated in volumes measured in terabytes. Government systems breached through inadequately secured HR and applicant data. Medical and financial records exposed across the sectors that carry the highest regulatory obligations. The common thread across these incidents is not the sophistication of the attack. It is the absence of any active governance at the database layer itself.
IBM’s 2025 Cost of a Data Breach Report found that the average breach takes 241 days to identify and contain. Eight months of delay between intrusion and resolution is not a consequence of attacker sophistication. It is the consequence of there being no active monitoring layer at the database.
Governing the database layer means four things, each addressing a specific gap that the incidents above expose.
Real-time activity monitoring is the foundation – continuous visibility into all database activity, with automated detection and blocking of suspicious behaviour and policy violations as they occur. Not periodic review. This is what compresses the 241-day identify-and-contain timeline; nothing running on a daily or weekly schedule can.
A structured vulnerability and configuration assessment runs alongside it – ongoing evaluation of patch levels, configuration settings, and known exposures across every database in the environment. Where production systems cannot be immediately patched, virtual patching provides interim protection. Most significant breaches do not require sophisticated exploits. They require an unaddressed vulnerability and enough time.
Access governance must be enforced at the database layer itself – fine-grained controls that restrict high-risk operations, enforce segregation of duties, and apply least-privilege principles as an actively enforced control at the data layer, not as a policy aspiration. Privilege abuse – whether by an external attacker using a compromised credential or an internal user exceeding their mandate – cannot be contained by documentation alone.
An automated compliance and audit trail closes the loop. POPIA’s notification obligation requires reporting as soon as reasonably possible – which means the evidence of what was accessed and when must already exist before the incident occurs, not be assembled in response to one.
DB Shield is Ascent’s managed database security service – a fixed monthly cost, 24/7 service delivering all four capabilities across the database estate, covering SQL Server, Oracle, MySQL, PostgreSQL, MariaDB, and the other major platforms that South African enterprise environments typically run in combination – on-premises, in the cloud, and across hybrid configurations.
DB Shield is a security service designed specifically for the database layer – not a perimeter tool extended to cover it. That distinction matters because no perimeter tool can observe what is happening inside a database. Monitoring the query behaviour of an authenticated user, detecting a configuration that exposes a known vulnerability, enforcing access controls at the data layer – these require a dedicated database security discipline operating where the data lives.
The service integrates with Ascent’s DB Admin managed DBA service and DB Health assessment, so that security governance, performance management, and configuration assurance operate across the database environment as a unified discipline. Ascent’s discipline is that database security is not a project with an end date. It is an operating standard.
Under POPIA, South African organisations are responsible for the security of the personal information in their care. The Information Regulator has demonstrated the willingness and capability to enforce that responsibility. The financial sector’s average breach cost of R70.2 million has made the commercial case with equal clarity.
Database security is a governance obligation. The question for any organisation managing a material database estate is not whether to govern the database layer, but whether the governance currently in place is adequate to the risk the data represents and the accountability the regulatory environment now demands.
I have seen what it costs when the governance is not there. The number is always higher than the organisation expected.
Ascent delivers that governance through DB Shield – at a predictable monthly cost, with the permanence the obligation requires.
Contact Us to discuss what your current database security posture looks like – what is monitored, what is not, and where the gaps sit.