DBSS Security Best Practices
Security is a shared responsibility between Huawei Cloud and yourself. Huawei Cloud ensures the security of cloud services for a secure cloud. As a tenant, you should utilize the security capabilities provided by cloud services to protect data and use the cloud securely. For details, see Shared Responsibilities.
Consider the following aspects for your security configurations:
- Configuring Audit Log Privacy Protection
The SQL request statements and result sets in audit logs may contain users' privacy data. Therefore, you are advised to enable privacy data protection for audit logs. For details, see Configuring Privacy Data Protection.
- Enabling the Audit Log Backup Function
DBSS automatically backs up audit logs locally. According to related audit regulations, DBSS audit logs must be retained for at least half a year. DBSS instances support automatic backup of audit logs. You can periodically back up audit logs. If a DBSS instance is faulty or data is damaged, you can obtain audit logs from backup files to ensure data reliability. For details, see Automatically Backing Up Database Audit Logs.
- Enabling the Scheduled Audit Report Task
To learn about the compliance status of your business timely and accurately, you can set scheduled report publishing tasks. For details, see Viewing Audit Reports.
- Updating a Privacy Data Masking Rule
DBSS provides default privacy data masking rules. However, to better protect data privacy and security, you are advised to add privacy data masking rules based on your service requirements. For details, see Configuring Privacy Data Protection Rules.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
