Privacy By Design
Privacy is often more a cultural issue than a technology issue. Protect your users’ privacy and your organization’s assets while complying with cultural and industry standards. We know the ObserveIT platform is powerful. It’s so powerful our customers achieve the balance of both security and privacy using ObserveIT.
In our Ultimate Guide to Building an Insider Threat Program, we dive deep into how to balance security with privacy, and what it takes to uphold legal, regulatory, and other privacy responsibilities.
Balance Data Privacy and Security
HR, legal, privacy, and business units are excited by the ease of use and depth of the user safeguards.
Security teams are excited by the data security options regarding data storage, retention, encryption, audit reporting, and access controls, all while ensuring confidential information remains private and anonymous.
Many Privacy Regulations, One Solution
The EU’s GDPR and U.S. state regulations like the California Consumer Privacy Act (CCPA) are the crux of your program. Most security regulations now contain some privacy measures.
Understand The Situation
Monitor ObserveIT Administrators
See every click, keystroke, and action taken by those who manage your ObserveIT platform. The “Watch the Watchers” functionality ensures IT and security administrators know that they cannot abuse their privileges.
Ensure alerts are sent to multiple security team members if suspicious or out-of-policy activity takes place on a user’s endpoint so that you remove single points of failure within incident response. Ideally set them up for your ObserveIT administrators as well.
Get the Full Picture, Appropriately
Understand whether the out-of-policy activity is accidental or malicious in nature, without losing user anonymity, and take swift action using irrefutable evidence when a potential incident is escalated.
ObserveIT Privacy & Compliance Capabilities
An anonymized dashboard provides an overview of risk indicators and assigns a number to each individual, shielding their name, role, and picture, completely anonymizing the person behind the actions.
Application & data exclusion policies
In accordance with privacy regulations such as GDPR & CCPA, exclude personal applications from monitoring (such as personal banking, healthcare, social media, etc.). Focus on user activity & data movement where your sensitive data lives.
Watch the Watcher mechanisms
Ensure safeguards against administrators of ObserveIT misusing their access by recording all their actions within ObserveIT.
Flexible user metadata and screen capture collection
This visibility is configurable, down to the specific user, application, asset, endpoint and even individual user action. Many customers use metadata-only mode as default with visual activity replay for high severity alerts and high risk users.
Data encryption, retention & storage
Configure user metadata and screenshot retention in hot, warm and cold storage per privacy and other compliance requirements.
Role Based Access Controls
ObserveIT has granular role and permission delegation with Active Directory integration through LDAP. The Activity Replay Privacy Protection assigns a master password that must be entered each time that a Console User wants to replay a session.
Comprehensive Audit Trail
ObserveIT is a fully self-audited solution. Audit any login, session view, export of data, or configuration change.