-
Is it possible to configure which events are included in the audit report?
There would be a need to get some more events included in the audit report, is that possible to be configured by the administrator?
-
Security related Documentation
Is there any documentation available where it tells about how secure is Aperture in terms of handling the data. We might need to provide this document to one of our internal team as we try to access that source system's data through aperture
-
Severity Identification for New Version Upgrade
Regarding installing releases, is there a way to easily identify the severity of each release made available? For example, if a new release came out with security features can it be easily identified whether that particular release contains an Urgent update for vulnerabilities that should be installed as soon as possible,…
-
TLSv1 and TLSv1.1 protocols disabled by default in Data Studio
Towards the end of 2021, TLSv1 and TLSv1.1 protocols became disabled by default in Java 8, on which Aperture Data Studio is built. As a result, when you upgrade to a new version of Data Studio, if you are using Data Studio's packaged OpenJDK, you may find that some connections to External systems (e.g. JDBC) no longer…
-
Critical vulnerability in Apache Log4j library
On 9th December 2021, Proof-of-Concept exploits for a new critical zero-day vulnerability affecting Apache Log4j, version 2.0 to 2.14.1, which results in remote code execution (RCE) were made publicly available. This is being tracked as CVE-2021-44228. Experian is fully aware of the log4j security vulnerability. Experian…
-
Encryption-at-rest FAQ
Since release 2.4.5, you can turn on a new security setting at Settings>Security, Encryption to encrypt Data Studio resources. Here are some FAQs: What does resources include? Resources refers primarily to files in \data\resource folder and typically includes the imported datasets, snapshots and some cache files. Do I need…
-
🎞 Creating roles and assigning permissions
Data Studio gives you some very fine grain control over what a given user can do within the system. Here's a short video describing role creation and assignment.
-
Sharing database connections across teams
What's the recommended approach to sharing tables/views and connections to databases across a wider team? Should we create new connections per user, share tables with specific users or create credentials for other users on the same connection? I'm interested in the security aspect but also the performance impact of each of…