Configure Data Security

This page describes the security configurations that you can set up on Cisco Secure Application. 

Configure Data Security 

From Cisco Secure Application > Configure page, you can add configurations these Data Security configurations: 

• Data Security:
  
  • Data Security Alert Rules: To set up alerts, see Visualize Alerts.
    There are default alert rules that are automatically set up for you. However, you have the option to disable the default alert rules. 

Data Security Alert Rules

When you click on a specific Alert Rule Name, you can view these details:

• Default Alert Rules:

  • Database Client Affected By CVE: Detect database clients with potential vulnerabilities accessing the data stores.

  • Unmasked Columns: Identify database columns containing PII information not adequately protected through masking rules. This is important for ensuring that sensitive data is not exposed to unauthorized users, and for maintaining compliance with data protection regulations.

  • Unused Privileges: Detect privileges not actively used by the user. Identifying and revoking such unused privileges is important for maintaining the principle of least privilege access.

  • Inactive Buckets: Detect inactive object storage buckets. This reduces potential security associated with neglected data.

  • Public Buckets: Identify object storage buckets that are publicly accessible. This helps in protecting sensitive data and maintain compliance with data protection regulations.

  • Replication Not Configured Buckets: Identify object storage buckets that are not configured for replication. Configuring replication is important to protect against data loss and maintain business continuity.

  • Unencrypted Bucket: Designed to identify object storage buckets that are not encrypted, recommending encryption to protect sensitive data and maintain compliance with data protection regulations.

  • Unused Database Tables: Designed to detect and alert on unused tables within a database, recommending optimizations to enhance resource efficiency and reduce potential security vulnerabilities associated with neglected data.

  • Unused Database Columns: Detect unused database columns. This helps enhance resource efficiency and reduce potential security associated with neglected data.

    

    You have the option to disable these default alert rules. 

• Time Interval: Choose the time internal of the alert rule in days, weeks, or months. 

• Filter Alert Rules: Define conditions that the alert rule will apply to.