Sensitive Data Stored
This section outlines the types of sensitive information stored by dbWatch Control Center, how that data is protected at rest, and recommendations for secure configuration and handling.
Types of Stored Sensitive Data
dbWatch Control Center stores a limited set of sensitive information to support monitoring, authentication, and reporting functionality. This includes:
- Database credentials (usernames and passwords) for accessing monitored instances
- Control Center user profiles and roles
- Domain configuration and internal certificates
- Performance statistics and monitoring history
- Audit logs, if enabled
> These data types are required to support automation, access control, and long-term performance tracking.
Credential Storage and Protection
Database usernames and passwords are:
- Encrypted on disk using AES-based symmetric encryption
- Stored only on the primary Control Center server
- Decrypted only in memory at runtime to establish JDBC connections
- Never stored or exposed in plaintext
This credential storage is local and isolated, and cannot be accessed remotely or without local administrative permissions.
Storage Location and Access
Sensitive data is stored in the file system of the Control Center Server, typically under:
- `/opt/dbwatch/domain/` (Linux)
- `C:\ProgramData\dbWatch\domain\` (Windows)
Components stored here include:
- Encrypted instance connection files
- Keystores for TLS authentication
- Domain topology definitions
- Job configuration and execution metadata
> It is strongly recommended to restrict access to these folders using OS-level permissions and secure the host system with disk encryption.
Data Stored in Monitored Database Instances
When dbWatch installs its engine into a target database, it creates a separate schema (e.g., `dbwatch_cc`) which stores:
- Monitoring job definitions
- Job execution logs and thresholds
- Collected performance metrics (e.g., wait events, index fragmentation)
- Aggregated history for reporting and dashboard views
This schema does not store business application data by default.
Exception: Application-Level Data in SQL Statistics
Some SQL statistics jobs (such as those in the SQL Performance package) may store captured SQL text as part of query profiling.
This text may include:
- Literal values passed in queries
- Table names or query fragments that include business data patterns
- Full SQL statements executed by applications
> While dbWatch does not intentionally extract or store business data, the presence of query literals in captured SQL text may expose application-level information indirectly. Organizations with strict data classification rules should consider enabling:
- Query obfuscation or parameterization at the database level
- Role-based access restrictions to SQL statistics modules
- Retention policies to limit historical exposure
Recommendations
To reduce risk and enforce security best practices:
- Restrict file system access to the Control Center installation directory
- Secure the OS with disk encryption (e.g., LUKS, BitLocker)
- Back up encrypted configuration files regularly
- Limit access to SQL Performance features where data exposure is a concern
- Enable audit logging to detect configuration or access changes
Related Topics
- Sensitive Data Transmitted
- Encryption
- Audit Logging
- SQL Performance Package
- Domain Configuration – Users and Privileges
For security-sensitive environments or compliance-driven deployments, reach out to our team for configuration reviews or data handling consultations:
support@dbwatch.com