If your organization captures personal end-user data that is subject to GDPR regulations, go to Settings > Preferences > Data privacy and enable the data masking option. This settings page contains several configuration flags that allow you to enable proper masking of captured data.
Masking of IP addresses and GPS coordinates
DESK captures IP addresses of end users to determine the region from which they access your application.
Once enabled, IP address masking sets the last octet of monitored IPv4 addresses and the last 80 bits of IPv6 addresses to zeroes. GPS coordinates are rounded up to 1 decimal place (~10km). This masking occurs on the DESK cluster prior to storage. Full IP addresses are never written to disk. Location lookups are made using anonymized IP addresses and GPS coordinates.
Masking of personal data in URLs
DESK captures the full URIs of requests that are sent from browsers (mobile and desktop) and requests that are sent and received within monitored server-side processes.
Once enabled, DESK will
- Automatically detect UUIDs, IBANs, IP addresses, and other IDs in the URL path and replace these parts with a string like
[IBAN]
or [IPv4]
.
- Replace query parameter values with the string
<masked>
.
Masking of user action names (Web applications only)
When DESK detects a user action that triggers a page load or an AJAX/XHR action, it constructs a name for the user action based on:
- User event type (for example
click on...
, loading of page...
, or key press on...
)
- Title, caption, label, value, ID, className, or other available property of the related HTML element (for example, image, button, checkbox, or text input field).
In most instances, the default approach to user action naming works well, resulting in user action names such as:
click on Search on page /search.html
keypress on Feedback on page /contact.html
touch on Homescreen of page /list.jsf
In rare circumstances however, confidential data (for example, email addresses, usernames, or account numbers) may be unintentionally included in user action names because the confidential data is included in an HTML element label, attribute, or other value (for example, click on my Account Number: 1231231
). If such confidential data appears in your application’s user action names, you should enable User action name masking. This setting replaces specific HTML element names and values with generic HTML element names. With user action name masking enabled, the user action names listed above would change to:
click on INPUT on page /search.html
keypress on TEXTAREA on page /contact.html
touch on DIV of page /list.jsf