Restricted audit logs for sensitive data
You can restrict access to the audit logs of users who work on sensitive data. This requires changes to the user accounts of those who work on sensitive data and to the user accounts of those authorized to view restricted audit logs.
Users who do not have access to restricted audit logs can still view the audit history of any record accessible to them but they cannot see any of the changes made by users with restricted audit logs. Users who generate restricted audit logs cannot view the restricted audit logs of other users.
Note: You can also prevent users from viewing the history of entity and link records by denying access to the History button. To do this, you turn on the View history check box in the System Commands Access Control dialog.
For each user who works on sensitive data:
- In iBase Designer in the Security Manager, edit the account of the user whose audit log you want to restrict.
- On the Account page of the User dialog, turn on Restricted Audit Log.
Note: By default, system administrators do not have permission to view restricted audit logs. They must be granted this permission like other types of user.
To grant permission to view restricted audit logs, you need to create a new Database Management group that includes the Audit Administrator role or edit an existing group. For example:
- In iBase Designer in the Security Manager, edit the group to which you want to add the Audit Administrator role.
- On the Permissions page of the Group dialog, turn on Audit Administrator.
- On the Users page of the Group dialog, review the list of users in this group as the
existing members of the group will acquire the new permission.For more information, see Creating Groups and Adding Members.