How Anonymization is Implemented in ObserveIT
When working in "Anonymized" mode, personal information that identifies the user is replaced with randomly generated codes. This is reflected in the User Risk Dashboard and throughout the ITM On-Prem Web Console where session data represents recorded user activity and alerts.
When "Anonymized" mode is enabled, the Active Directory is sampled once per hour.
The following data can be anonymized:
Data Element |
Code Prefix |
Example |
---|---|---|
User full name |
USR |
USR-00012345 |
Department |
DEP |
DEP-00716777 |
Role |
ROL |
ROL-00001192 |
Login/secondary login account |
LOG |
LOG-01013833 |
Server name |
CMP |
CMP-81988811 |
Client name |
CLN |
CLN-05000273 |
DB User: the name of the database user (for DBA queries) |
DBA |
DBA-1000078 |
Each code has a unique number which is randomly generated. After an exposure request is Canceled or Expired, upon the next log in to a session, the user will be "re-anonymized" and receive a new Code ID. All other user Code IDs will also be regenerated.