DTEX Data Pseudonymization

Dtex Data Pseudonymization

Monitoring, Security & Privacy Can Go Hand-in-Hand

At DTEX, we have always believed that workforce awareness and operational intelligence should not come at the cost of privacy, and we have built the DTEX Workforce Cyber Intelligence Platform to strike that critical balance.

Why is Data Anonymization Important?

There are a few reasons why an enterprise might want to anonymize user data:

Company Culture

Too many enterprises achieve
internal visibility at the cost of privacy, damaging employee morale. Pseudonymization means that PII isn’t revealed to internal analysts, removing bias and ensuring that high risk behaviors are targeted based on activities, not toward individuals.

Laws & Regulations

Privacy laws vary drastically between different countries and industries. Dtex’s meta-data collection methods and Pseudonymization abilities ensure that Dtex is fully compliant with the strictest privacy regulations in the world, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Data Security

DTEX’s data can be sent to SOC teams for analysis or exported into reports. Pseudonymization makes sure that even when your data is exported for external viewing, you’re still keeping your employees’ PII and your company information safe.

Data Pseudonymization in DTEX

This is Pseudonymization in action. The screenshot depicts the DTEX alerts page, where all the user and device names –including the domain names – are tokenized and replaced with artificial identifiers.

Raw data fields, including username, email, IP address, domain name and device name, are also tokenized within the DTEX Workforce Cyber Intelligence Platform as soon as they are received. This ensures that PII data is not only inaccessible by the analyst but also the server administrator. The Pseudonymization feature is configurable and optional.

https://www.dtexsystems.com/wp-content/uploads/2020/08/InTERCEPT-screenshot-alerts-anonymized4.png

Re-Identification

DTEX’s Pseudonymization can be unlocked, but only by a very few select, privileged users. During the initial configuration of the Pseudonymization feature, server administrators – or other authorized personnel who have the authority to act on security violations – can set their own Pseudonymization keys and store them in a safe place. To de-anonymize the data, authorized individuals would need to provide their specific Pseudonymization keys in addition to their login credentials. Every instance of re-identification is logged and audited by the DTEX Workforce Cyber Intelligence Platform.

Security analysts typically perform alert triage and hunting to identify security breaches based on the tokenized usernames associated with the breaches. The tokenized usernames are then handed over to authorized individuals, who perform the re-identification process in order to identify the actual user accounts for further forensic review whenever authorized.

With Dtex’s Pseudonymization, enterprises can now more easily achieve regulatory compliance, protect their employee’s privacy, and maintain a secure, open workplace culture.

Learn More About How Dtex Can Help
Secure and Optimize Your Business

x

Dtex Systems Announces InTERCEPT 6.0 Read the news!

Dtex Announces $17.5M in New Funding! Read More!