Help Center/
Well-Architected Framework/
Well-Architected Framework and Practices/
Security Pillar/
Data Security and Privacy Protection/
SEC07 General Data Security/
SEC07-03 Monitoring Data Use
Updated on 2025-05-22 GMT+08:00
SEC07-03 Monitoring Data Use
Implement restriction policies or establish a monitoring mechanism for data modification and batch operations based on data classification.
- Risk level
High
- Key strategies
- Implement restriction measures or establish a monitoring mechanism for data modification and batch operations.
- Use DBSS to audit operations on databases. DBSS database audit provides the audit function in bypass mode. It records user access to the database in real time, generates fine-grained audit reports, and sends real-time alerts for risky operations and attacks, helping users locate internal violations and improper operations in the database, as well as ensuring data asset security.
- Enable DBSS database audit alarms. After configuring alarm notifications, you can receive DBSS alarms on database risks.
- Use CBH to identify and intercept high-risk database commands. With CBH, you can dynamically identify and intercept high-risk commands (including deleting databases, modifying key information, and viewing sensitive information) to interrupt database O&M sessions by setting database control policies and preset command execution policies. In addition, the system automatically generates a database authorization ticket and sends it to the administrator for secondary authorization.
- Related cloud services and tools
- DBSS
- CBH
Parent topic: SEC07 General Data Security
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
