Compliance: Anonymize Privileged Access Data to Meet Compliance Standards

Important

By default, the Compliance tab is disabled. If your organization wishes to have this functionality, please contact Bomgar Support at https://www.bomgar.com/help.

Anonymization :: User

Information about users as well as the actions performed during access sessions can be made anonymous to meet privacy regulations and compliance standards.

To anonymize data, select the user's username, display name, and/or email address from the field. Cick Search User Activity. If data is found, the system returns a list of the information found for the user along with a randomly-generated, proposed replacement term for the information. The proposed term is clickable, allowing the Edit Replacement prompt to appear. Within the prompt, the data can be made anonymous by entering in a preferred replacement term for the data. When finished, click Edit Replacement Term in All History to replace the term in the section.

The list updates with the new replacement term and displays "All access sessions and team activity events for this user will be marked as anonymized at: (date and time)." After reviewing the replacement terms and time stamp, click Delete User and Anonymize to begin the anonymizing process for the entire software. Before stating the anonymization process, you are required to enter your display name.

Important

All session recordings are deleted as part of the anonymization request.

Anonymization :: Endpoint

Information about endpoints being accessed as well as the actions performed during access sessions can be made anonymous to meet privacy regulations and compliance standards.

To anonymize data, enter the endpoint's name, hostname, and/or IP address into the field. Select the Partial match checkbox if partial matches should be listed. Then click Search Endpoint Activity. If data is found, the system returns a list of the information found for the endpoint along with a randomly-generated, proposed replacement term for the information. The proposed term is clickable, allowing the Edit Replacement prompt to appear. Within the prompt, the data can be made anonymous by entering in a preferred replacement term for the data. When finished, click Edit Replacement Term in All History to replace the term in the section.

The list updates with the new replacement term and displays "The selected access sessions will be marked as anonymized at: (date and time)." After reviewing the replacement terms and time stamp, click Anonymize Selected Sessions to kickstart the anonymizing process for the entire software. Before stating the anonymization process, you are required to enter your display name.

You can also choose to Add Custom. This allows you to enter and to search for customized information, such as account numbers.

Important

All session recordings are deleted as part of the anonymization request.

Anonymization :: Status

Review information about anonymization jobs, including the found and replacement terms, the type of data being anonymized, and the status of the job.

The job status is automatically refreshed every 15 seconds, and the status for completed requests remains available for 24 hours.

Note: This status information is also available in the Access Session Detail report.

Note: For environments where failover or Atlas is configured, the anonymization of data is not complete until synchronization across all nodes or backup appliances has occurred.