Data collection
Sitecore Content Hub collects the following data:
-
Application user logs
-
Log in / Log off
-
Session creation / session termination
-
Password changes
-
Failed login attempts
-
All administrative actions performed
-
Application audit logs
-
User Create / Update / Delete actions
-
Application events
-
Document or object Create / Read / Update / Delete actions
-
Metadata Create / Read / Update / Delete actions
-
Identifying users and the actions they performed
All logs:
-
Include the source IP address of the actor.
-
Are available through the application web interface and are retained according to the audit log retention policy.
-
Are encrypted at rest.
-
Can be exported in a format that is accessible by a Customer SEIM in real-time.
For more information about log data, see Reporting events. For more information about logging, see User logging.
Provider policy and standards assurance
Content Hub can show that an Information Security Management Program (ISMP) has been developed, documented, approved, and implemented, including administrative, technical, and physical safeguards to protect assets and data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. In addition, change management documentation exists.
Content Hub provides an audit report. Third-party libraries are regularly checked and updated.