The Privilege Management Cloud management platform consists of three databases.
The management database is responsible for storing information about the endpoints connected to the Privilege Management Cloud management console, which includes information such as:
- Host name
- Primary User (this is the registered owner during OS install and is typically a company name or blank)
- Operating System and version
- Last connected (to management console) date
- Policy version applied
- Endpoint software version
We do not store information such as IP address or any associated user names with the endpoint.
The Policy Database is responsible for storing the created policy xml files which are send down to the endpoints. The policy .XML file contains the rules which will be applied on the endpoint by the Privilege Management client.
The reporting database contains audit event data which is generated based on the policy .XML file applied on the endpoint. Audit event data is tied to the user name of the user that performed an action, such as running an application, which requires elevated rights. Reporting data is held for 90 days before being automatically purged. Typical information recorded includes:
- File name / location
- File hash
- File owner
- User name (of event operation)
- Host name (where event operation took place)
- Authorizing user name (if present)
- User reason (if given)