Select Reports > Portal > Repository > Standard Content > GDPR > Reports or Dashboards > GDPR Access Activity.
As a data controller or data processor, you need to track access to GDPR systems, which collect, store, transfer, use, and organize data related to EU citizens or residents.
Select Reports > Portal > Repository > Standard Content > GDPR > Reports or Dashboards > GDPR Access Activity > Access Activity.
To comply with GDPR, you might want to track accounts that have been accessing systems that store or process users’ personal data. A high number of failed access attempts can indicate malicious activity. Also, to prevent a malicious user from accessing sensitive data, you should know when and what type of authorization changes occur on those systems.
Reports the number of times and the accounts that accessed GDPR systems outside of regular hours, such as accessing a server on the weekend. The table provides results by the account and its associated server, and the target server accessed. This report relates to GDPR Articles 5 and 25 and Recital 49.
By default, the report uses the following time ranges to check for “after hours” access:
12 a.m. to 7 a.m. Monday through Friday
18 p.m. (6 p.m.) to 12 a.m. Monday through Friday
All day on Saturday and Sunday
However, you can modify the time ranges by editing the filters for the report. The time range uses 24-hour values.
Reports the number and type of authorization change events that occur on GDPR systems over time. The table provides results by the number of times each account made a change, the type of change, the affected GDPR system, and the outcome of the change such as ‘success.’ This report relates to GDPR Articles 5, 18, 24, 29, and 32 and Recital 39.
Reports the number of times access to a GDPR asset failed. The chart shows the top GDPR assets with failed access attempts. For each GDPR asset, the table provides results by the number of failed events, user accounts with failed attempts, and the number of IP addresses associated with the failed events. This report relates to GDPR Articles 5 and 25 and Recital 49.
Reports the number of times users failed to access a GDPR system. The chart shows the users with the most failed access attempts. The table provides results by number of failed events, GDPR assets affected, and IP addresses associated with the failed events for each user with a failed attempt. This report relates to GDPR Articles 5 and 25 and Recital 49.
Reports the number attempts that failed to access a GDPR system over time. For each failed attempt, the table provides results by user account, the account’s IP address and country, the target server’s IP and host name, and the number of failed events. This report relates to GDPR Articles 5 and 25 and Recital 49.
Provides, in charts and a table, an overview of accounts that access GDPR systems outside of regular hours, such as accessing a server on the weekend. You can view the targeted systems, users, and source IPs that generate the most events. This dashboard relates to GDPR Articles 25, 30, and 32 and Recital 82.
By default, the dashboard uses the following time ranges to check for “after hours” access:
12 a.m. to 7 a.m., Monday through Friday
18 p.m. to 12 a.m., Monday through Friday
All day on Saturday and Sunday
Provides an overview of events that indicate authorization change attempts on GDPR Systems. Relevant to GDPR Articles 5, 18, 24, 29,and 32 and Recital 39.
Provides, in charts and a table, an overview of failed access activity on the specified GDPR systems. This dashboard relates to GDPR Articles 5 and 25 and Recital 49.
You must specify at least one IP address, Mac address, or host name in lowercase.
Provides, in charts and a table, an overview of failed access activity by user. This dashboard relates to GDPR Articles 5 and 25 and Recital 49.
You must specify at least one user account in lowercase.
Provides an overview of failed access activity on GDPR systems. This dashboard relates to GDPR Articles 5 and 25 and Recital 49.
Provides an overview of the relationship between source and destination addresses and users on events that indicate a failure login activity on GDPR systems. This dashboard relates to GDPR Articles 5 and 25 and Recital 49.
Select Reports > Portal > Repository > Standard Content > GDPR > Reports or Dashboards > GDPR Access Activity > Regulatory Exposure.
As part of your compliance measures, you most likely track access events that might have compromised user data, thus breaching GDPR regulations.
Reports the GDPR systems that might have been exposed to a regulatory infraction due to user access activities. The chart shows the systems with the most events. The table provides results by the event name and time by GDPR system. This report relates to GDPR Article 32 and Recital 49.
Select Reports > Portal > Repository > Standard Content > GDPR > Reports or Dashboards > GDPR Access Activity > Threat User Analysis.
User activities such as changing authorizations or clearing audit logs often indicate malicious activities or potential vulnerabilities. Run the following reports to check for threat activities on your GDPR systems.
Reports events associated with administrative activities that occur on GDPR systems. For example, users are executing commands or changing authorizations. The chart shows activity over time. The table provides results by time, user, affected GDPR asset, activity type, and the number of events. This report relates to GDPR Articles 30 and 32 and Recital 49.
Reports how often anti-virus services have been stopped or paused on GDPR systems over time. A malicious user might pause an anti-virus service before running an illegal command or script or downloading or installing malicious programs. The table provides results by time, GDPR system, affected service, and number of events. This report relates to GDPR Article 32 and Recital 49.
Reports the audit log has been cleared on GDPR systems. The chart shows the number of events over time. The table provides results by date, user, and host. This report relates to GDPR Articles 5 and 25 and Recital 49.
Reports how often GDPR systems have been threatened. The chart shows the number of events over time. The table provides results by date, system IP address, threat technique, event name, and number of events. This report relates to GDPR Article 32 and Recital 49.