Header background

New permissions limit capture & viewing of sensitive data

Not all data is created equal. Sensitive customer data must be protected and kept confidential at all times. This is why your organization must do everything it can to limit the capture and viewing of your customers’ private information.

New permissions added

To help you in this effort, we’ve added two new permissions to Dynatrace SaaS/Managed (version 118) permissions management.

  • Configure capture of sensitive data
  • View sensitive request data

What is sensitive data?

Going forward Dynatrace will automatically classify certain data items as classified. This includes things like request headers and URI query parameters and extends to certain patterns in exception messages like GUIDs and IP addresses. We will extend this functionality in the coming months. One of these will be to allow Users to configure the additional capture of data which will require the user to have the permission to do so. At this point the User will be able to explicitly designate these newly captured data points as sensitive or non sensitive. Additional related functionality will be covered in future articles.

Show URI query parameter values

We’ve addressed an often-requested feature to make the values of query parameters visible in URIs. This is now possible for users who have permission to view confidential data.

Query parameter view without permission

Sensitive data viewing

Query parameter view with permission

Sensitive data viewing

Upcoming permissions

This permissions functionality will soon be extended within Dynatrace. As a next step, we plan to mask IP addresses and GUIDs in exception messages that are displayed to users who don’t have the View sensitive request data permission. Each available user profile can be protected with this new permission, thereby ensuring that only authorized users have the ability to configure how sensitive data is captured.