Data Privacy: Prepare to Configure

Document created by RSA Information Design and Development on Sep 18, 2017. Last modified by RSA Information Design and Development on Oct 2, 2017.
Version 2

This topic provides general guidelines for planning and configuring data privacy policies in the NetWitness Suite network. Before beginning configuration, you must understand the data that needs to be protected on your network and develop a plan. You will need to:

  1. Identify the meta keys that hold privacy-sensitive data and need to be protected. This decision is based on requirements specific to your site.
  2. Decide which users need access to privacy-sensitive meta data and raw content. The first decision is whether to separate the DPO and administrator roles for your site by configuring a custom administrators system role on Decoders and Log Decoders and removing the dpo.manage permission. By default, administrators have all permissions, including the ability to configure the salted hash transform used to obfuscate data; some sites may want to reserve this access for data privacy officers. The Service User Roles and Permissions topic in the Hosts and Services Getting Started Guide describes the permissions each role has and the purpose of each permission.
  3. Plan the configuration changes you need to make in your NetWitness Suite deployment to support adequate data privacy.
  4. Assess how your configuration may impact out-of-the-box and custom content. For example, by default, the content available via Live for Reporting Engine is not geared toward obfuscated meta values.

In a single deployment, certain data-privacy configurations in the Core services must be the same. The following table lists these settings and uses a checkmark to identify the services for which the configuration must be the same.

                                                            
Configure the Same For:
Data-Privacy Setting | Decoder | Log Decoder | Archiver | Concentrator | Broker
Hash algorithm and salt for privacy-sensitive data
Language key data privacy attributes in the custom index file (includes configuring keys as protected)
Transient meta keys (not persisted on disk) per service and parser
Meta data and raw content visibility per system user group. (The meta keys must exist in the custom index file.)
User who has the Aggregation service user role assigned is added.*

* When trying to access data on an aggregate service, the Log Collector or Broker requests authentication. When prompted to enter user name and password, you must authenticate as a user who is assigned the Aggregation service role. The Aggregation Role topic in the Hosts and Services Getting Started Guide provides detailed information about this role. Follow the instructions in the Add, Replicate or Delete a Service User topic in the Hosts and Services Getting Started Guide to create a user and assign the new user the Aggregation service user role.
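The requirement that the hash algorithm and salt match across services can be checked before rollout. The following is an added example, not code from the NetWitness documentation or product: it compares planned settings and shows that a mismatched salt makes the same original value obfuscate differently. The service names, the settings layout, and the salt-prepended hash construction are assumptions made for illustration.

```python
import hashlib
from collections import defaultdict

# Constructed planning data; names and layout are hypothetical,
# not NetWitness configuration syntax.
SERVICES = {
    "decoder-a": {"algorithm": "sha256", "salt": "site-salt-2017"},
    "decoder-b": {"algorithm": "sha256", "salt": "site-salt-2017"},
    "decoder-c": {"algorithm": "sha256", "salt": "old-salt"},
}

def obfuscate(value, algorithm, salt):
    """Generic salted hash with the salt prepended (assumed construction;
    the product's own transform may combine salt and value differently)."""
    return hashlib.new(algorithm, (salt + value).encode("utf-8")).hexdigest()

def group_by_setting(services):
    """Group service names by their (algorithm, salt) pair."""
    groups = defaultdict(list)
    for name, cfg in sorted(services.items()):
        groups[(cfg["algorithm"], cfg["salt"])].append(name)
    return dict(groups)

def find_drift(services):
    """Return services whose setting differs from the most common one.
    Treating the majority as the intended setting is a heuristic."""
    groups = group_by_setting(services)
    if len(groups) <= 1:
        return []
    majority = max(groups.values(), key=len)
    return sorted(n for members in groups.values()
                  if members is not majority for n in members)

def correlates(value, services, a, b):
    """True if one original value obfuscates identically on both services,
    i.e. obfuscated meta from the two can still be matched in a query."""
    return obfuscate(value, **services[a]) == obfuscate(value, **services[b])

if __name__ == "__main__":
    print("settings in use:", len(group_by_setting(SERVICES)))
    print("services that differ:", find_drift(SERVICES))
    for other in ("decoder-b", "decoder-c"):
        same = correlates("jsmith", SERVICES, "decoder-a", other)
        print(f"decoder-a vs {other}: obfuscated values match = {same}")
```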
