Levels of data protection

Depending on your environment setup and data-privacy settings, some captured data may be protected by law or considered sensitive for other reasons. In such instances, you must take extra precautions to protect your customers' private data.

DESK has 3 levels of protection in place concerning personal data.

Scrubbing of data at the point of capture: In this case, the data in question don't leave the monitored process or the end user's browser.
Scrubbing of data prior to storage: In this case the data in question is processed by DESK to allow for better analysis, but the original data is scrubbed prior to storage. Scrubbed data portions are replaced with the string <masked>.
Masking of data on display: In this case, data is stored but only presented to users who have the View sensitive request data permission. All other users will see that the data point exists but the personal data is masked out with *****.

Protect personal data by not capturing it

DESK automatically masks certain data points at the point of capture. This happens within the application or browser (such data never leaves the application or browser). Masked values are replaced with ***.

Literals and numbers that are part of the where clause of a SQL statement
Bind parameters of a SQL statement
URL query parameters in exception messages
IBAN and credit card numbers

Protect personal data by not storing it

If your organization captures personal end-user data that is subject to GDPR regulations, go to Settings > Preferences > Data privacy and enable the data masking option. This settings page contains several configuration flags that allow you to enable proper masking of captured data.

Masking of IP addresses and GPS coordinates

DESK captures IP addresses of end users to determine the region from which they access your application.

Once enabled, IP address masking sets the last octet of monitored IPv4 addresses and the last 80 bits of IPv6 addresses to zeroes. GPS coordinates are rounded up to 1 decimal place (~10km). This masking occurs on the DESK cluster prior to storage. Full IP addresses are never written to disk. Location lookups are made using anonymized IP addresses and GPS coordinates.

Masking of personal data in URLs

DESK captures the full URIs of requests that are sent from browsers (mobile and desktop) and requests that are sent and received within monitored server-side processes.

Once enabled, DESK will

Automatically detect UUIDs, IBANs, IP addresses, and other IDs in the URL path and replace these parts with a string like [IBAN] or [IPv4].
Replace query parameter values with the string <masked>.

Masking of user action names (Web applications only)

When DESK detects a user action that triggers a page load or an AJAX/XHR action, it constructs a name for the user action based on:

User event type (for example click on..., loading of page..., or key press on...)
Title, caption, label, value, ID, className, or other available property of the related HTML element (for example, image, button, checkbox, or text input field).

In most instances, the default approach to user action naming works well, resulting in user action names such as:

click on Search on page /search.html
keypress on Feedback on page /contact.html
touch on Homescreen of page /list.jsf

In rare circumstances however, confidential data (for example, email addresses, usernames, or account numbers) may be unintentionally included in user action names because the confidential data is included in an HTML element label, attribute, or other value (for example, click on my Account Number: 1231231). If such confidential data appears in your application’s user action names, you should enable User action name masking. This setting replaces specific HTML element names and values with generic HTML element names. With user action name masking enabled, the user action names listed above would change to:

click on INPUT on page /search.html
keypress on TEXTAREA on page /contact.html
touch on DIV of page /list.jsf

Protect personal data by not displaying it

DESK automatically considers certain data points it captures as sensitive and only displays them to users who have the View sensitive request data permission. All other users will see that the data point exists but the personal data is masked out with *****. Thus the data is protected from view by unauthorized personal.

Personal data types

The following data types are considered sensitive and are masked from display:

Requests attributes that are marked as confidential.
Client IP addresses
Exception messages
URL query parameters
HTTP Headers
HTTP Post parameters
Original captured method argument values (the resulting request attribute is treated separately)

Mark request attributes as confidential

DESK allows you to decide whether a request attribute should be treated as confidential or not. For this and other obvious reasons, users who are authorized to define request attributes must have the Configure capture of personal data permission. For complete details, see How do I configure DESK to protect personal data?