Topics Topics


Example: How to Protect Sensitive Information

You can use several features provided by SecurTracTM in order to protect your sensitive information from access by unauthorized parties.

Intrusion Detection Monitor - Illegal Database Access

The most direct way is to create an Illegal Database Access event in the Intrusion Detection Monitor.

To create an Illegal Database Access event:
  1. Open the SecurTrac Configuration Database (SCTCFG.NSF).
  2. In the left pane, select .
  3. Click the button on the action bar.
  4. Under on the 'Basic' tab, click button and select the specific server to monitor.
  5. Under on the 'Basic' tab, select Central Log Database.
  6. Under on the 'Monitor' tab, click on the button and select 'Illegal Database Access'. Click 'OK' to confirm your selection.
  7. Under on the 'Administration' tab, specify the Owner and Administrators for the monitor. Either type in user name directly or look it up from the Domino Directory. (To type in user names, multiple entries are allowed ONLY for the 'Administrators' field. You should separate entries by using a comma ' , '.).
  8. Click the button at the top of the form to save the configuration so that the Intrusion Detection Monitor can be activated.


To view the illegal database access event log in Intrusion Detection:
  1. Open the SecurTrac Central Log Database (SCTLOG.NSF)
  2. In the left pane, select .
  3. In the right pane, a list of intrusion detection logs will be shown and sorted by date and time.
  4. See if there is any event log beginning with "Illegal database access".
  5. Double click the event log to see the details of the log.


Database Monitor - ACL change

Although you have created an Intrusion Detection Monitor to detect illegal database access, you may recognize that some hackers will change the ACL of your database, so as to escape from the Intrusion Detection Monitor. To promote a higher level of security, it is suggested that the administrator create a Database Monitor to detect ACL Changes.

To create a Database Monitor for ACL change:
  1. Open the SecurTrac Configuration Database (SCTCFG.NSF).
  2. In the left pane, select .
  3. Click the button on the action bar.
  4. In the section of the 'Basic' tab, specify the relative path and file name of the database.
  5. In the section of the 'Basic' tab, select 'Central Log Database'.
  6. In the section of the 'Monitor --> ACL' tab, specify your e-mail address if you want to receive e-mail notifications every time SecurTrac detects an ACL change log. Otherwise, leave it blank.
  7. In the section of the 'Administration' tab, the Owner and Administrators for the monitor can be specified. Either type in user name directly or look-up from the Domino Directory. (To type in user names, multiple entries are allowed ONLY for the 'Administrators' field. You should separate entries by using a comma ' , '.).
  8. Fill in the rest of the configuration and DO NOT check the field under 'Monitor --> ACL' tab.
  9. Click the button at the top of the form to save the configuration so that the Database Monitor can be activated.


To view the ACL Change Log of the Database Monitor:
  1. Open the SecurTrac Central Log Database (SCTLOG.NSF).
  2. In the left pane, select and then .
  3. On the right, a list of ACL change log will be shown and sorted by date and database name.
  4. Double click the record you are looking for and details of the log will be shown.


Database Monitor - Open/Update/Delete

To protect highly sensitive information, it is logical for the administrator to monitor legal access of the database and activities such as Open, Update and Delete.

To create a Database Monitor for Document Open/Update/Delete
  1. Open the SecurTrac Configuration Database (SCTCFG.NSF).
  2. In the left pane, select 'Database Monitor'.
  3. Click the button on the action bar
  4. In the section of the 'Basic' tab, specify the relative path and file name of the database.
  5. In the section of the 'Basic' tab, select 'Other Log Database'.
  6. In the File Name field, specify the path of the log database (e.g SecurTrac\EmployeeDetail_Log.nsf)
  7. In the section of 'Monitor -->Document' tab, check the fields , ,and .
  8. In the section of 'Monitor --> Document' tab, specify those sensitive record fields you want to keep track of and separate them by using a comma ' , '.
  9. In the section of 'Monitor --> Document' tab, check the field 'Log RichText Field' and select the RichText field to be logged if you want to log the RichText Field(s).
  10. In the section of 'Monitor --> Document' tab, select 'Log Attachment(s) Info and Content' to log both attachment information and attachment content.
  11. In the section of 'Administration' tab, specify the Owner and Administrators for the monitor. Either type in user name directly or look-up from the Domino Directory. (To type in user names, multiple entries are allowed ONLY for 'Administrators' field. You should separate entries by using comma ' , '.).
  12. Fill in the rest of the configurations and DO NOT check the field under 'Monitor --> Document' tab.
  13. Click the button at the top of the form to save the configuration so that the Database Monitor can be activated.


To view the Open/Update/Delete event log in Database Monitor:
  1. Open the SecurTrac Log Database (SecurTrac\EmployeeDetail_Log.nsf).
  2. In the left pane, select and then .
  3. On the right, a list of document change logs will be shown. These logs are sorted by date and database name. Action history can be found in this view.
  4. Double click the record you are looking for and the details of the log will be shown. If you have specified the fields when you configure the monitor, updated values of those fields will also be shown.


-------------------------------------------------------------------------------------------------------------------------------------------