Jason again from the Foglight field team. I fell upon an interesting requirement for Foglight Experience Viewer (FxV) recently and wanted to share with the community how we tackled it.
General labor agreements for workers in Germany under the Works Council deem it necessary to make anonymous any type of replay information we might store within FxV and FxM. Why you ask? Well, if Klaus is working one day on an application and performs his tasks much more slowly or with more data entry errors compared to his peers, his anonymity may be protected. Further, any trace of that activity can't be directly linked to him as an individual as grounds for dismissal.
FxV out of the box will store this type of information but can be configured to mask it during replay in order to comply with these regulations.
For most web applications, the challenge is presented when app servers assign a unique session to each visitor. This is how FxV sessionizes for unique users. Further, the use of a unique identifier may be present to create this uniqueness within the app, such as user ID, user name, employee number, etc.
Here is a short list of operations which may reduce or eliminate the possibility of tying session level data back to an individual:
* Variable Rules in FxM
When configured, variable rules can transform VALUES of variables, whether they are in queries, parameters, cookies, form fields, post/get, etc. One of the options here is to REPLACE the contents with a specified value, such as "XXXXXXX" If there are personally-identifiable fields in the application they need to be identified ahead of time by their name before these replacements can be setup. The "Apply to FxV hits" option may be helpful here so that data is never sent to FxV as well.
* Not using Login Variables in FxM
One of the options for sorting through sessions in FxM is to display a login name/user ID instead of the IP address of the user. This option should not be used if it contains personally-identifiable information.
* Turn off "Capture All Sessions" in FxM
This option does nothing above and beyond the two mentioned above, but it could prevent seeing session replay highlights in FxM (ip address-to-page-hit info), relying on the more comprehensive security options within FxV to drop sensitive replay information.
* FxV Sensitive Content Expressions
Within FxV, you have the option to squelch anything that comes through the HTML source code, thus eliminating it from view during a session replay. This is quickly done by identifying a regular expression which will mask the text, and issuing a replacement string. Again, this string could be "XXXXXX." Keep in mind this option is a global setting and used when personally-identifiable information is NOT stored neatly in a field, but rather displayed on a web page in plain HTML.
* FxV Sensitive Hit Expressions
Within FxV, field names can be quickly blocked to prevent viewing during replay. With this option, query variables, form variables and the like can be replaced with alternate text. FxV will display a list of the field names it knows of to make this process easier.
Every application is different and it would be a good idea to closely examine ALL aspects of personally-identifiable information within the app BEFORE plugging the appliances in to capture data. However, once these setup items are addressed you can be in compliance with these types of local laws and regulations.
Good luck and good monitoring!