We use ESM to monitor a system that must comply with the GDPR. Some of the logs we receive in ESM may contain personal data of the users. According to the regulation, these logs stored in the ESM must be encrypted. If Mcafee has a solution for encrypting ESM database or there is a document that confirmed that ESM meet the GDPR requirement for personal data privacy.
At present McAfee SIEM does not encrypt data at rest on the appliances. My understanding of the GDPR is that it does not require disk encryption, but it identifies that this may be a useful tool in helping to maintain the security of protected data.
Direct access to the appliance disks is limited to the root (NGCP) user and ssh access can be disabled and controlled with an ACL.
If this is a feature you need to see in future then please raise a product idea to help our product management prioritise new features.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.