Updated on 2025-05-22 GMT+08:00

SEC07-03 Monitoring Data Use

Implement restriction policies or establish a monitoring mechanism for data modification and batch operations based on data classification.

  • Risk level

    High

  • Key strategies
    • Implement restriction measures or establish a monitoring mechanism for data modification and batch operations.
    • Use DBSS to audit operations on databases. DBSS database audit provides the audit function in bypass mode. It records user access to the database in real time, generates fine-grained audit reports, and sends real-time alerts for risky operations and attacks, helping users locate internal violations and improper operations in the database, as well as ensuring data asset security.
    • Enable DBSS database audit alarms. After configuring alarm notifications, you can receive DBSS alarms on database risks.
    • Use CBH to identify and intercept high-risk database commands. With CBH, you can dynamically identify and intercept high-risk commands (including deleting databases, modifying key information, and viewing sensitive information) to interrupt database O&M sessions by setting database control policies and preset command execution policies. In addition, the system automatically generates a database authorization ticket and sends it to the administrator for secondary authorization.
  • Related cloud services and tools
    • DBSS
    • CBH