Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Disable Logs - Sensitive Data

Go to answer
BenRPA
Level 4

‎12-09-18 01:43 AM

Hi all, I am working for a client who wants to disable logs for certain values (Private employee information such as Social Security Number(SSN)). I need to use that SSN for the 3 steps following the moment I get it, but I do not need it afterwards. The client is not allowed to keep any log about the SSN. If I disable the "Stage Logging" for the 3 steps using SSN, does that mean that I will not have any log/information about SSN within the Blue Prism database? Any additionnal steps needed? Thanks for the help! Ben
0 Likes
1 BEST ANSWER

Helpful Answers

Go to answer
BastiaanBezemer
Level 5

‎12-09-18 12:32 PM

Hi Ben, If an Object uses the SSN and the SSN is passed on to it, also be sure to disable logging on the Start and End stages. If the data is stored in the Queue, either discuss  with the client if Queue encryption is sufficient, or rework the queue so it is not contained. Kind regards, Bastiaan

View answer in original post

0 Likes
3 REPLIES 3

Go to answer
BastiaanBezemer
Level 5

‎12-09-18 12:32 PM

Hi Ben, If an Object uses the SSN and the SSN is passed on to it, also be sure to disable logging on the Start and End stages. If the data is stored in the Queue, either discuss  with the client if Queue encryption is sufficient, or rework the queue so it is not contained. Kind regards, Bastiaan
0 Likes

Go to answer
BenRPA
Level 4

‎14-09-18 07:15 PM

Queue Encryption might not be enough. Thanks Bastiaan for your input, I really appreciate it! I have disabled stage logging as discussed. Kind regards, Ben
0 Likes

Go to answer
david.l.morris
Level 15

‎18-09-18 08:26 AM

HI Ben, You seem like you may have this solved, but there are three things that come to mind in addition to what you and Bastiaan discussed. (1) Disabling stage logging will work unless someone overrides the logging level from the System Tab > Resources > Management area. If you right click on a Resource, you'll see that there are logging level overrides there. Just something to consider. This might just mean you should restrict access to that part of the System to only people who understand how to use that section. (2) In addition to disabling stage logging, you should tick the checkbox in action stages where it says ""Don't log parameters on this stage"". (3) You could also treat the SSN as a password datatype. It will work just fine for data entry where necessary, but if it does happen to get logged anywhere such as session logs, etc., it will not show the actual SSN. (actually a 4th thing comes to mind now that you could encrypt the SSN when you first retrieve it and then decrypt it before you write it anywhere. But that might be overkill. Haha) Anyway, just some input. Hope it helps! Respectfully, Dave

Dave Morris, 3Ci at Southern Company
0 Likes