Hello
I have a question related to Guardium Policy rules. One of our Policy Access Rules is looking to alert whenever a sensitive table is Selected from. The sensitive tables are stored in a Group of type Object which stores tables in two formats: tabname and %.tabname.
We have over 60 databases being monitored by Guardium and I noticed we have a table name that is rather generic that is considered GDPR sensitive on one database, but not on another. eg. Table 'Users' is sensitive on a DB on Server 1, but not classed as sensitive on a DB on Server 2. At present, we are seeing false alerts when a (non-trusted) DB session for a user runs a Select statement against the 'Users' table on a database on Server 2.
I don't see an option within the policy  of how I could configure the access rules to specify at either a server or a database level plus the table name which tables are sensitive.
Just wondered if anyone else had encountered a similar issue and if/how they had somehow managed to resolve this. 
Many thanks David

------------------------------
David H
------------------------------

Original Message------

Hello
I have a question related to Guardium Policy rules. One of our Policy Access Rules is looking to alert whenever a sensitive table is Selected from. The sensitive tables are stored in a Group of type Object which stores tables in two formats: tabname and %.tabname.
We have over 60 databases being monitored by Guardium and I noticed we have a table name that is rather generic that is considered GDPR sensitive on one database, but not on another. eg. Table 'Users' is sensitive on a DB on Server 1, but not classed as sensitive on a DB on Server 2. At present, we are seeing false alerts when a (non-trusted) DB session for a user runs a Select statement against the 'Users' table on a database on Server 2.
I don't see an option within the policy  of how I could configure the access rules to specify at either a server or a database level plus the table name which tables are sensitive.
Just wondered if anyone else had encountered a similar issue and if/how they had somehow managed to resolve this. 
Many thanks David

------------------------------
David H
------------------------------

Thanks Frank. That makes perfect sense.

------------------------------
David Huckle
------------------------------

Original Message:
Sent: Wed May 29, 2019 02:00 PM
From: Frank Bates
Subject: Sensitive tables within a Guardium Policy

You may have to replace the one rule having an Object group of sensitive tables into multiple rules each with a) Server Name, b) Service Name and c) Object group of tables within the specified Service Name and Server Name of the new rule.

 

Thanks!

 

Frank J Bates Jr

Database Risk Administration

Key Technology & Operations

Mailstop: OH-01-51-5970

4910 Tiedeman Road, Brooklyn, OH 44144-2338

Phone: (216) 471-2740

Frank_J_BatesJr@KeyBank.com

 

 

Use the red key.^®

 

This communication may contain privileged and/or confidential information. It is intended solely for the use of the addressee. If you are not the intended recipient, you are strictly prohibited from disclosing, copying, distributing or using any of this information. If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy. This communication may contain nonpublic personal information about consumers subject to the restrictions of the Gramm-Leach-Bliley Act. You may not directly or indirectly reuse or redisclose such information for any purpose other than to provide the services for which you are receiving the information.

127 Public Square, Cleveland, OH 44114

If you prefer not to receive future e-mail offers for products or services from Key
send an e-mail to mailto:DNERequests@key.com with 'No Promotional E-mails' in the SUBJECT line.

Original Message------

Hello
I have a question related to Guardium Policy rules. One of our Policy Access Rules is looking to alert whenever a sensitive table is Selected from. The sensitive tables are stored in a Group of type Object which stores tables in two formats: tabname and %.tabname.
We have over 60 databases being monitored by Guardium and I noticed we have a table name that is rather generic that is considered GDPR sensitive on one database, but not on another. eg. Table 'Users' is sensitive on a DB on Server 1, but not classed as sensitive on a DB on Server 2. At present, we are seeing false alerts when a (non-trusted) DB session for a user runs a Select statement against the 'Users' table on a database on Server 2.
I don't see an option within the policy  of how I could configure the access rules to specify at either a server or a database level plus the table name which tables are sensitive.
Just wondered if anyone else had encountered a similar issue and if/how they had somehow managed to resolve this. 
Many thanks David

------------------------------
David H
------------------------------