We are looking for any possible solutions or fixpacks available to implement GDPR Regulations on data captured in CA Authminder & Riskminder database for our UK & EU Regions. We already have the table names capturing information like client IP address and usernames. I know we can write a stored proc on database to remove this data., what we are intersted is are there any solution available from CA product wise for implementing GDPR Regulations and if not what are the suggestions from CA.
CA Advanced Authentication
- Currently we do not have any specific method to remove the user IP addresses from the database. We need to write the sql queries to achieve it.
- We store IP address in audit log table only, so we can delete by writing the queries.
- Below are the tables in which the IP address of users are stored:
- We do not have any pre-existing method to fetch the IP details of an user.
- ARWFADMINAUDITLOG table has all the details of the operations performed by different ADMINs in your environment and ARWFSVRMGMTAUDITLOG table has all the details of the operations done on the instances in the environment. But, as it contains the CLIENTIPADDRESS, we have provided these tables.
- ARWFISSUANCEAUDITLOG and ARWFAUTHAUDITLOG tables contain the information about the issuance and authentication of the credentials for the users. Whenever we create a credential for a particular user, the transaction details are stored in ARWFISSUANCEAUDITLOG table. And, when an authentication is performed by that user with that that credential, the transaction details are stored in ARWFAUTHAUDITLOG table.