Sensitive Data

Overview

This guide explains how to set up sensitive data policies to manage and protect sensitive information, such as personal data, within your organization. By using the Sensitive Data menu, administrators can select a connection, create policies, and register rules that apply to specific tables or columns. Once these policies are created, access to sensitive data is logged, and alerts can be configured to notify administrators of access attempts.

Creating a Sensitive Data Policy

To register a new sensitive data policy based on a specific connection:

1. Database 설정 메뉴에서 Policies > Sensitive Data 메뉴로 이동합니다.

2. 우측 상단의 Create Policy 버튼을 클릭합니다.

3. 정책 생성을 위한 다음의 정보들을 입력합니다.

   1. Policy Name : 정책을 화면상에서 구별할 수 있는 이름입니다.

   2. Target Connection : 정책을 적용할 커넥션을 선택합니다. 1개의 정책당 1개의 커넥션을 연결할 수 있습니다.

4. Save 버튼을 통해 저장합니다.

해당 정책이 Sensitive Data 정책 목록에 생성된 것을 확인할 수 있습니다.

1. Navigate to the Administrator > Databases > Policies > Sensitive Data menu.

2. Click the Create Policy button in the upper right corner.

3. Enter the following information:

   • Policy Name: A unique name to identify the policy on the screen.

   • Target Connection: Select the connection to which the policy will apply. Each policy can be linked to only one connection.

4. Click the Save button to save the policy.

Once saved, the policy will appear in the Data Access policy list.

Registering Rules to the Sensitive Data Policy

After creating a policy, the next step is to register the specific data paths (tables and columns) where the policy will apply:

1. Click on the policy you just created to open the details and rule registration screen from the Sensitive Data policy list.

2. In the details screen, click the Add Rule List button on the right side.

3. Select the data paths to which the policy will apply:

   1. Database Name: A required value for rule registration.

   2. Table Name: A required value for rule registration. Selecting a table will apply the sensitive data policy to all data within that table.

   3. Column Name: If you want to apply the policy to specific columns within the table, select the appropriate columns.

4. Set Sensitivity Level:

   1. Choose a sensitivity level for the data: High / Medium / Low

   2. The selected sensitivity level can be used later to set trigger conditions for alerts.

5. You can also specify exceptions for certain users or groups who need access to the data:

   • Allowed Users: Select the users or groups that will be exempt from the access restriction.

6. Click Ok to save the rule.

Once saved, you can verify the rule's registration under the Rule List tab. When users access the data, the access history will be recorded in the Logs tab. For information on configuring alerts related to sensitive data policies, refer to the Alerts documentation.

When selecting the Database Name, I am encountering the following error:
“[ENGINE] [30101] Please Check the user credential or IP ACL settings. Access denied for user ‘username’@‘host’ (using password: YES)”.

A. This error typically occurs if the database account information has not been set or has been configured incorrectly. To resolve this issue, navigate to the Administrator > Databases > DB Connections, click on the relevant connection, enter the correct Database Username / Password information, save the changes, and then try again.