We are looking for any possible solutions or fix packs available to implement GDPR Regulations on data captured in CA Authminder & Riskminder database for our UK & EU Regions.

We already have the table names capturing information like client IP address and usernames.

Are there any solution available from CA product wise for implementing GDPR Regulations and if not what are the suggestions from CA?

Currently we do not have any specific method to remove the user IP addresses from the database.

So we need to write the SQL queries to achieve be able to remove those ip addresses. The IP addresses are stored in audit log table only, so we can delete them by writing a SQL query.

Here is a list of tables names where ip addresses are present:

• ARRFSYSAUDITLOG_3DSECURE 
• ARRFSYSAUDITLOG_3DSECURE_AR 
• ARRF_CASE_TXN_3DSECURE 
• ARRFSYSAUDITLOG 
• ARRFSYSAUDITLOG_AR 
• ARRF_CASE_TXN 
• ARRFSYSAUDITLOG_MOBILE 
• ARRFSYSAUDITLOG_MOBILE_AR
• ARRF_CASE_TXN_MOBILE
• ARWFADMINAUDITLOG
• ARWFADMINAUDITLOG_AR
• ARWFSVRMGMTAUDITLOG
• ARWFSVRMGMTAUDITLOG_AR
• ARWFISSUANCEAUDITLOG
• ARWFISSUANCEAUDITLOG_AR
• ARWFAUTHAUDITLOG
• ARWFAUTHAUDITLOG_AR

We do not have any pre-existing method to fetch the IP details of an user.

ARWFADMINAUDITLOG table has all the details of the operations performed by different ADMINs in your environment and ARWFSVRMGMTAUDITLOG table has all the details of the operations done on the instances in the environment. But, as it contains the CLIENTIPADDRESS, we have provided these tables.

ARWFISSUANCEAUDITLOG and ARWFAUTHAUDITLOG tables contain the information about the issuance and authentication of the credentials for the users. Whenever we create a credential for a particular user, the transaction details are stored in ARWFISSUANCEAUDITLOG table. And, when an authentication is performed by that user with that that credential, the transaction details are stored in ARWFAUTHAUDITLOG table.