Compliance: Make Privileged Remote Access Data Anonymous to Meet Compliance Standards

Reports

Compliance

 

By default, the Compliance tab is disabled. If your organization wishes to have this functionality, please contact BeyondTrust Support at www.beyondtrust.com/docs/index.htm#support.

User Anonymization

Information about users as well as the actions performed during access sessions can be made anonymous to meet privacy regulations and compliance standards.

To make data anonymous, type the username, display name, or email address and then select the user from the list. Click Search Representative Activity. If data is found, the system returns a list of the information found for the user, along with a randomly-generated, proposed replacement term for the information. The proposed term is click-able, allowing the Edit Replacement prompt to appear. Within the prompt, the data can be made anonymous by entering in a preferred replacement term for the data. When finished, click Edit Replacement Term in All History to replace the term in the section.

The list updates with the new replacement term and displays "All access sessions and team activity events for this user will be marked as anonymized at: (date and time)." After reviewing the replacement terms and time stamp, click Delete User and Anonymize to begin the anonymizing process for the entire software. Before stating the anonymization process, you are required to enter your display name.

 

All session recordings are deleted as part of the anonymization request.

Endpoint Anonymization

Information about endpoints being accessed as well as the actions performed during access sessions can be made anonymous to meet privacy regulations and compliance standards.

To make data anonymous, enter the endpoint's name, hostname, or IP address into the field. Select the Partial match checkbox if partial matches should be listed. Then click Search Customer Activity. If data is found, the system returns a list of the information found for the endpoint along with a randomly-generated, proposed replacement term for the information. The proposed term is clickable, allowing the Edit Replacement prompt to appear. Within the prompt, the data can be made anonymous by entering in a preferred replacement term for the data. When finished, click Edit Replacement Term in All History to replace the term in the section.

The list updates with the new replacement term and displays "The selected access sessions will be marked as anonymized at: (date and time)." After reviewing the replacement terms and time stamp, click Anonymize Selected Sessions to kick-start the anonymizing process for the entire software. Before stating the anonymization process, you are required to enter your display name.

You can also choose to Add Custom. This allows you to enter and to search for customized information, such as account numbers.

 

All session recordings are deleted as part of the anonymization request.

Status

Review information about anonymization jobs, including the found and replacement terms, the type of data being anonymized, and the status of the job.

The job status is automatically refreshed every 15 seconds, and the status for completed requests remains available for 24 hours.

This status information is also available in session reports.

For environments where failover or Atlas is configured, the anonymization of data is not complete until synchronization across all nodes or backup B Series Appliances has occurred.