Configure compliance rules

Configure compliance rules using the respective compliance wizard, which simplifies the creation of activity monitoring rules. Compliance rules are based on various established standards and regulations.

The definitions required for a compliance rule vary with the type of regulation, so the parameters you set and the number of pages in the compliance wizard vary accordingly. Follow the on-screen instructions to complete the wizard.

The following procedure explains how to create custom rules for GLBA compliance.

Task

  1. On the Compliance page, click More to view the available regulations.
  2. Select the type of regulation for which you want to verify compliance, then click Select.
    The Compliance page is displayed. It indicates that the selected compliance wizard has not been completed and provides the information required to configure a compliance rule for the selected type of regulation.
  3. Click Configuration Wizard to begin the process of configuring the compliance rule.
  4. Select the DBMSs and DBMS groups where you want to apply the compliance rule, and click Next.
    Note: If a red message appears after clicking Next, there is a problem with the values entered. Fix the settings, then click Next again.
  5. In Application OS Users, enter or upload the OS user names that are used by application database users and click Next.
    You can upload the details in the .csv file format.
    Note: If you need to exit the wizard and continue the configuration later from the point where you stopped, click Proceed Later.
  6. In Application Database User Name, enter or upload all user names that are used by your approved applications to access the databases, and click Next.
  7. In Approved Application, enter or upload all applications that are allowed to access customer information records on the database and click Next.
  8. In Approved IP Addresses, enter the list of all IP addresses that are allowed to access customer information records on the database, and click Next.
  9. In Customer Information Records Tables, enter the database tables that contain cardholder data or sensitive data in any of the selected DBMSs, and click Next.
  10. In DCL Commands, view the DCL commands and click Next.

    You do not need to change the DCL command list. If you want to modify the DCL commands, enter or upload the DCL commands.

    Note: Clicking Reset resets the default values for that step only.

  11. In DDL Commands, view the DDL commands and click Next.

    You need not change the DDL command list. If you want to modify the DDL commands, enter or upload the DDL commands.

  12. In DML Commands, view the DML commands and click Next.

    You need not change the DML command list. If you want to modify the DML commands, enter or upload the DML commands.

  13. In Privileged OS Users, enter or upload all OS user names used by the privileged database users, and click Next.
  14. In Privileged Database Users, enter or upload all privileged database users, including the DBA user names and any other database user name that has high permissions in any of the selected databases.
    Note: Do not include user names that the applications use; these are added elsewhere.
  15. Click Next.
  16. In Completed, read the instructions carefully, then select Enable GLBA Compliance Rules.
    Note: If this option is not selected, the rule is created but it is not enabled. Make sure that vPatch rules are enabled on all in-scope databases.
  17. Click Finish.

    A GLBA tab is added for the new regulation, showing the set of rules created based on predefined rule templates for that regulation type, including level and defined action.

    In addition, you can now filter alerts and other data according to the compliance type. When applicable, you can select the required regulation type in the Compliance drop-down list.
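
A pre-upload sanity check for the lists entered in steps 6, 8 and 14, as an added example that is not part of the product or its documentation. It assumes each .csv file holds one value per row in the first column (the page does not specify the layout), compares user names case-insensitively, and treats each IP entry as a single address; all function names and sample values are constructed.

```python
import csv
import io
import ipaddress

def read_column(csv_text):
    """Return non-empty first-column values (assumed layout: one value per row)."""
    rows = csv.reader(io.StringIO(csv_text))
    return [row[0].strip() for row in rows if row and row[0].strip()]

def check_lists(app_db_users, privileged_db_users, approved_ips):
    """Return (kind, value) findings to fix before uploading the lists."""
    findings = []
    app = {u.lower() for u in app_db_users}  # assumption: case-insensitive names
    seen = set()
    for user in privileged_db_users:
        key = user.lower()
        # Step 14 note: application user names must not appear in this list.
        if key in app:
            findings.append(("overlap", user))
        if key in seen:
            findings.append(("duplicate", user))
        seen.add(key)
    for ip in approved_ips:
        # Assumption: entries are single IPv4/IPv6 addresses, not ranges.
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            findings.append(("bad_ip", ip))
    return findings

# Constructed sample inputs standing in for the three .csv files.
APP_DB_USERS_CSV = "app_orders\napp_billing\n"
PRIV_DB_USERS_CSV = "sys\ndba_jsmith\nAPP_BILLING\n\nsys\n"
APPROVED_IPS_CSV = "10.20.0.15\n10.20.0.300\n2001:db8::10\n"

def run_sample():
    return check_lists(
        read_column(APP_DB_USERS_CSV),
        read_column(PRIV_DB_USERS_CSV),
        read_column(APPROVED_IPS_CSV),
    )

if __name__ == "__main__":
    for kind, value in run_sample():
        print(f"{kind}: {value}")
```

An empty result means the three lists are internally consistent; it says nothing about whether the entries match what is actually deployed on the monitored databases.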