Monitoring, Security & Privacy Can Go Hand-in-Hand
At DTEX, we have always believed that workforce awareness and operational intelligence should not come at the cost of privacy, and we have built the DTEX Workforce Cyber Intelligence Platform to strike that critical balance.
Why is Data Anonymization Important?
There are a few reasons why an enterprise might want to anonymize user data:
Too many enterprises achieve
internal visibility at the cost of privacy, damaging employee morale. Pseudonymization means that PII isn’t revealed to internal analysts, removing bias and ensuring that high risk behaviors are targeted based on activities, not toward individuals.
Laws & Regulations
Privacy laws vary drastically between different countries and industries. Dtex’s meta-data collection methods and Pseudonymization abilities ensure that Dtex is fully compliant with the strictest privacy regulations in the world, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
DTEX’s data can be sent to SOC teams for analysis or exported into reports. Pseudonymization makes sure that even when your data is exported for external viewing, you’re still keeping your employees’ PII and your company information safe.
Data Pseudonymization in DTEX
This is Pseudonymization in action. The screenshot depicts the DTEX alerts page, where all the user and device names –including the domain names – are tokenized and replaced with artificial identifiers.
Raw data fields, including username, email, IP address, domain name and device name, are also tokenized within the DTEX Workforce Cyber Intelligence Platform as soon as they are received. This ensures that PII data is not only inaccessible by the analyst but also the server administrator. The Pseudonymization feature is configurable and optional.
DTEX’s Pseudonymization can be unlocked, but only by a very few select, privileged users. During the initial configuration of the Pseudonymization feature, server administrators – or other authorized personnel who have the authority to act on security violations – can set their own Pseudonymization keys and store them in a safe place. To de-anonymize the data, authorized individuals would need to provide their specific Pseudonymization keys in addition to their login credentials. Every instance of re-identification is logged and audited by the DTEX Workforce Cyber Intelligence Platform.
Security analysts typically perform alert triage and hunting to identify security breaches based on the tokenized usernames associated with the breaches. The tokenized usernames are then handed over to authorized individuals, who perform the re-identification process in order to identify the actual user accounts for further forensic review whenever authorized.