Restricted audit logs for sensitive data

You can restrict access to the audit logs of users who work on sensitive data. This requires changes both to the accounts of those users and to the accounts of the users who are authorized to view restricted audit logs.

Before you begin

Users who do not have access to restricted audit logs can still view the audit history of any record accessible to them, but they cannot see any of the changes made by users with restricted audit logs. Users who generate restricted audit logs cannot view the restricted audit logs of other users.

Note: You can also prevent users from viewing the history of entity and link records by denying access to the History button. To do this, you turn on the View history checkbox in the System Commands Access Control dialog.

For each user who works on sensitive data:

  1. In iBase Designer, in the Security Manager, edit the account of the user whose audit log you want to restrict.

  2. On the Account page of the User dialog, turn on Restricted Audit Log.

This will prevent unauthorized users from filtering the records displayed in Audit Viewer or the iBase Audit History dialog to view just the records touched by that user.

Note: By default, system administrators do not have permission to view restricted audit logs. They must be granted this permission like other types of user.

Procedure

To grant permission to view restricted audit logs, you need to create a new Database Management group that includes the Audit Administrator role or edit an existing group. For example:

  1. In iBase Designer, in the Security Manager, edit the group to which you want to add the Audit Administrator role.

  2. On the Permissions page of the Group dialog, turn on Audit Administrator.

  3. On the Users page of the Group dialog, review the list of users in this group, because the existing members of the group will acquire the new permission. For more information, see Creating Groups and Adding Members.

What to do next

A user who has the Audit Administrator role can use the Audit Viewer or iBase Audit History, and they can view the records touched by any iBase user.