Managing security and compliance with Cloud Databases
Cloud Databases is integrated with the Security and Compliance Center to help you manage security and compliance for your organization.
With the Security and Compliance Center, you can monitor for controls and goals that pertain to Cloud Databases.
Monitoring security and compliance posture with Cloud Databases
As a security or compliance focal, you can use the Cloud Databases goals to help ensure that your organization is adhering to the external and internal standards for your industry. By using the Security and Compliance Center to validate the resource configurations in your account against a profileA specification of a resource's capacities and capabilities. Different profiles are optimized for different workloads and use cases. A resource's pricing model might depend on its profile., you can identify potential issues as they arise.
All of the goals for Cloud Databases are added to the IBM Cloud Control Library profile, but can also be mapped to other profiles.
To start monitoring your resources, check out Getting started with Security and Compliance Center
Available goals for Cloud Databases
- Check whether Cloud Databases is enabled with IBM-managed or customer-managed encryption. All Cloud Databases instances are automatically encrypted at rest with IBM-managed keys. For more information, see Key Protect Integration.
- Check whether Cloud Databases is accessible only through TLS. All Cloud Databases connections use TLS/SSL encryption for data in transit. The current supported version of this encryption is TLS 1.2.
- Check whether Cloud Databases is accessible only by using private endpoints. Customers can disable public endpoints at provision time. For more information, see Service Endpoints Integration.
- Check whether Cloud Databases network access is restricted to a specific IP range. For more information see Context-based restrictions or Allowlisting.