cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Controlling access to sensitive data in Dynatrace: data masking and display permissions

jordan_rose
Helper

HI all,

I'm just now learning that there is a real challenge with controlling access to sensitive data in Dynatrace. Once you mask data URIs there is really no way to display it to authorized users.

 

I figured adding the data to a request attribute then ticking the "Request attribute contains confidential data (hides data from unauthorized users)." and the "Allow.... " option would allow only users with "View sensitive data" permission to view the unmasked data in the request attribute.

 

This does not seem to the case? All of my users can either see the data or they cannot based on ticking that first option - "Allow this request attribute to access unmasked personal data". Adding or removing the permission "View sensitive request data" has no affect?

 

What am I missing?

How do I allow only specific users access to masked data?

 

Thanks,

Jordan

2 REPLIES 2

josef_schiessl
Dynatrace Helper
Dynatrace Helper

Hi, its exactly how you described.

However, as far as I know, we have a few built-in rules (eg. Credit-Card Information is always masked regardless), etc. Can you maybe share an example, of where ticking this flag does not have the desired outcome?

Kind regards,

Josef

I have created a request attribute with below options enabled. All of my users can see the value of this attribute in plain text, even though none of them have the "View sensitive request data" permission. 

Request attribute settings -

jordan_rose_0-1670429044488.png

 

This same data is masked by this setting and shows as <masked> in the purepaths.

jordan_rose_1-1670429228482.png

 

My goal is to mask sensitive data but also give authorized users a way to access it. Per the doc this should be possible using request attributes and permissions.

Featured Posts