Data privacy and security https://www.dynatrace.com/support/help/how-to-use-dynatrace/data-privacy-and-security/#expand-1033show-more


What is the DT Cookie opt-out capability?

The cookies listed above are required for proper function of Dynatrace Real User Monitoring. If you use Dynatrace to monitor your websites and you provide an opt-out option that allows your users to decline the use of Dynatrace cookies, then Dynatrace Real User Monitoring won't work or deliver the expected results. To provide your end users with a cookie opt-out capability, Dynatrace must be configured appropriately. Usually Dynatrace creates tracking cookies automatically. When using cookie opt-in mode, Dynatrace RUM tracking is disabled by default and no cookies are created. When an end user accepts your cookie policy (opt-in mode), Dynatrace RUM is enabled by calling dtrum.enable() within the JavaScript code module. Following this method invocation, Dynatrace tracking cookies are created and RUM is activated. Note: To configure Cookie opt-out mode please see How do I configure Real User Monitoring for privacy?

Account permissions: the three ways DT utilizes permissions

1 Access account. Allows access to the account to view environment data (host hours, sessions, synthetic monitors) and view links to Help and Support (create tickets, view documentation, and visit forums). No access to billing or user/group management.
2 Edit billing & account info. Allows access to payment data (credit card details), billing data (invoices), and contact information (company contact data).
3 Manage users. Allows access to user management (add/remove users to groups) and group management (create, edit, delete groups).

Environment permissions: the 6 types or ways DT classifies them.

1 Access environment. Allows read-only access to the environment. Can't change settings or install OneAgent.
2 Change monitoring settings. Allows changing of all environment settings. Can't install OneAgent.
3 Download & install OneAgent. Allows download of OneAgent and installation on hosts. Can't change settings.
4 View logs. Allows access to sensitive log file data.
5 View sensitive request data. Allows viewing of potentially personal data. Users that don't have this permission see that the data point exists but the personal data is masked out with *****.
6 Configure capture of sensitive data. Allows configuration of request-attribute capture rules. These can be used to capture elements such as HTTP headers or POST parameters for storage, filtering, and search.

Name the 3 account users in DT.

1 Account manager has full account access. Can view and edit company data, enter credit card data, review invoices, create and edit groups, and add users to groups. Also has access to environment consumption data, Help, and Support.
2 Finance admin can enter credit card data and review invoices. Has access to environment consumption data, Help, and Support. Can't edit groups or assign users to groups. No access to company/billing address info.
3 Account viewer has access to environment consumption data, Help, and Support. No access to credit card data, invoices, or company/billing address info. Can't edit groups or assign users to groups.

Environment users: name the 5 default groups.

1 Monitoring admin has full environment access. Can change monitoring settings. Can download and install OneAgent.
2 Deployment admin can download and install OneAgent. Has read-only access to the environment. Can't change settings.
3 Confidential data admin can view personal data (for example, method arguments) and configure request-data capture rules.
4 Monitoring viewer can access the environment in read-only mode. Can't change settings. Can't download or install OneAgent.
5 Log viewer can access and view the contents of log files. Reserved for users who need access to sensitive log file data. No other access rights.

What does RUM do with software and personal data?

1 RUM mainly captures URLs and IP addresses, as required for performance management. RUM can be configured to capture usernames, user IDs, and other personal data to provide better detail about user sessions that experience performance problems.
2 RUM tracks click paths but it doesn't track personal data such as birth dates, social security numbers, credit card numbers, pictures, and social preferences (unless explicitly configured to do so). This is because Dynatrace products are focused on clicks, response times, and service communication, not specific input values.
3 Collected data ages out and is automatically deleted over time, typically within a few weeks. So, an EU citizen's "right to erasure" is handled by default.

Pro-active support: 8 ways DT supports the user

1 Report usage and billing information
2 Send information about used technologies and versions
3 Report Dynatrace cluster health
4 Report cluster and OneAgent events to Dynatrace Support
5 Allow Dynatrace Support remote access to environment monitoring settings
6 Allow Dynatrace Support to change your configuration
7 Dynatrace deployment health monitoring
8 Help us improve Dynatrace for your users by sending usage data from browsers

6 ways Dynatrace provides GDPR compliance?

1 Right to be informed: Users may want to understand what data is collected about them. Dynatrace products have query functions that support this, and session results can be exported to formats such as JSON for analysis.
2 Right to erasure (also known as the right to be forgotten): Users may want their data to be deleted. Session data has a relatively low retention period, and GDPR gives data processors 30 days to process each customer request.
3 Right to restrict processing: This is supported by the "do not track" browser option and the requirement that users accept RUM tracking before JavaScript is injected into their browsers to enable RUM.
4 Right to data portability: Users may want to change platforms and take their data with them. This isn't relevant in Application Performance Monitoring (APM) because RUM sessions are the property of the data controller. Users have no need to export their click paths and import them into other web applications.
5 Right to rectification or objection: Users may want to change address information or fix incorrect information. This isn't relevant in Application Performance Monitoring because RUM sessions are read-only transaction recordings. If, for example, a user's name is spelled incorrectly, the error doesn't need to be corrected because the data won't be used for any other purpose in the future.
6 Data protection: GDPR specifically rules that state-of-the-art mechanisms be implemented to protect personal data.

Three levels of data protection

1 Scrubbing of data at the point of capture: In this case, the data in question doesn't leave the monitored process or the end user's browser.
2 Scrubbing of data prior to storage: In this case the data in question is processed by Dynatrace to allow for better analysis, but the original data is scrubbed prior to storage. Scrubbed data portions are replaced with the string <masked>.
3 Masking of data on display: In this case, data is stored but only presented to users who have the View sensitive request data permission. All other users will see that the data point exists but the personal data is masked out with *****.

What is a data controller?

A data controller determines the purposes and means of the processing of personal data. Such companies, including those that use application performance monitoring, must ensure that personal data is collected and used in accordance with regulations.

What is a data processor?

A data processor processes personal data on behalf of a data controller. Dynatrace, for example, processes personal data for its customers in the course of providing application performance monitoring. Data processors must ensure that stored personal data is protected.

Do Not Track HTTP headers

A technique for protecting end-user privacy that's supported by all web browsers is the Do Not Track HTTP header. With this setting enabled, browsers add an additional HTTP request header to all the web requests they send. This header specifies that all user tracking must be disabled.

Training & awareness

All Dynatrace employees undergo annual security-awareness training.

Monitoring

All systems we run are subject to permanent health and security monitoring.

Do Not Track

Another technique for protecting end-user privacy that's supported by all web browsers is the Do Not Track HTTP header. With this setting enabled, browsers add an additional HTTP request header to all the web requests they send. This header specifies that all user tracking must be disabled.

Mark request attributes as confidential

Another way to configure Dynatrace to protect personal data is through the request attributes. Dynatrace allows you to mark request attributes as confidential. For details see Mark request attributes as confidential.

Configure global privacy settings

Dynatrace offers environment-wide settings that serve to ensure your compliance with the data-privacy regulations of your region.

User notification of data storage

Customers are required to be transparent with their users and inform them of the ways in which they collect and use their users' information (typically by way of a Privacy Notice). Where customers engage any third parties to collect information about their users on their behalf (such as Dynatrace), whether for the purposes of application and behavioral analytics or otherwise, this should be made transparent in its Privacy Notice. We, therefore, recommend that customers review and update their Privacy Notices before using our products and services.

Permissions & authentication

Direct access to AWS services by our employees is carefully regulated based on multi-factor authentication. Permissions are granted on a "need to access" policy following a thorough approval process.

Data privacy settings provided by Dynatrace Managed

Dynatrace Managed cluster administrators have access to a number of data-privacy settings that affect the sharing of sensitive end-user data. All settings are enabled by default. Proper configuration of these settings depends on the unique needs of your organization. In addition to pro-active support settings, you'll also find settings related to new Community-user setup and domain name management. Please see below for details on the available controls.

How does DT utilize cookies?

Dynatrace Real User Monitoring relies on browser cookies to correlate user interactions in the browser, for example user actions, with general page and backend performance metrics. Cookies are used to:
1 Monitor site performance
2 Analyze website usage
3 Track user behavior

Configure Dynatrace to protect personal data

Dynatrace can capture a lot of data from end-user monitoring environments. For details, see What personal data is captured by Dynatrace? It's your responsibility to take precautions that protect your customers' private data.

Dynatrace's view of personal data captured by Dynatrace?

Dynatrace captures a lot of end-user data from monitored environments. Based on your license type and configuration, Dynatrace can capture both real-user traffic (user actions, captured directly in end-user browsers) and service-side traffic (web requests and other communications that may include personal data). This page provides information about what personal data types Dynatrace collects (and why) for both Dynatrace Real User Monitoring (RUM) and server-side service monitoring. Here you'll also find information about how sensitive end-user data can be protected, including options for capturing such data by default or excluding it from capture.

what is Dynatrace Real User Monitoring (RUM)?

Dynatrace helps you to improve performance and to both analyze and improve the user experience of your web applications and mobile apps. This includes automatic discovery of client errors and capabilities that detect the root causes of such errors in conjunction with Dynatrace OneAgent. Dynatrace does this by collecting data from the end users of your applications. This is done using client-side JavaScript or the OneAgent for Mobile SDK for native mobile apps.

Service request monitoring

Dynatrace helps you to improve the performance of your applications; it also enables you to analyze problems that occur in production in a timely manner. This is done via Dynatrace OneAgent.

Users

Dynatrace provides separate permissions for account and environment users. To get you started, Dynatrace provides a default set of editable groups. You can edit and adapt these default groups to fit your needs or you can create new groups.

Real User Monitoring privacy settings

Dynatrace recommends the following RUM settings (assuming that these settings aren't superseded by other legal requirements faced by your organization):
User opt-in mode
Do Not Track HTTP headers

Data hosting & storage

Dynatrace runs in the Amazon cloud. Amazon Web Services' (AWS) certified cloud infrastructure security measures provide a high degree of data protection. AWS guarantees physical access controls, hypervisor protection, and secure decommissioning of instance data.

Dynatrace security certifications

Dynatrace services and data are hosted in Amazon Web Services (AWS) facilities. The services and facilities of AWS are certified against international standards, such as ISO 27001 (Information Security Management System), ISO 27017 (Cloud Services Security) and ISO 27018 (Personal Data Protection). For details about all available AWS security certifications, please see AWS Compliance Programs. For all services managed by Dynatrace, we maintain yearly SOC2 Type II and SOC3 compliance reports. The Dynatrace SOC2 Type II report is available to Dynatrace customers following signing of a Non-Disclosure Agreement. To request a copy, please contact your Dynatrace account representative.

What is DT Local storage?

Dynatrace uses localStorage to cache the last monitor beacon response, which contains the configuration for the Real User Monitoring JavaScript library. It doesn't store any user-related data in localStorage. The following table gives an overview of the key/value pairs that Dynatrace writes to local storage.

What is DT Session storage?

Dynatrace uses sessionStorage to store a backup of rxVisitor and dtCookie because certain browsers delete random cookies when too many cookies are used. Dynatrace sets the following two keys (see the table above for examples):
rxVisitor
dtCookie

Manage domain name & SSL certificates: Enable management of domain name and SSL certificates

Enable this setting to generate a domain name (a subdomain of dynatrace-managed.com) with a trusted certificate for your Dynatrace Managed cluster. All users in your environment can then access Dynatrace at <prefix>.dynatrace-managed.com. Please note that this process may take a few minutes. Once complete, you'll be able to access the new URL. Disabling this option results in SSL certificates and the cluster URL being rolled back to the previous version. Remember to update your SSO IdP settings with this URL.

Configure Real User Monitoring according to GDPR

Ensuring the privacy of your customers' personal data is now a key component of your digital-business success. Dynatrace provides numerous privacy enhancements that make it easy for you to configure appropriate settings that protect your customers' personal data and ensure your organization's compliance with GDPR.

Data exchange between Managed clusters and Mission Control: License

Frequency: Once every 5 minutes
Cluster request: -
Mission Control response: License status, cluster ID, license key, license details, license mode

Mask user actions

This setting only affects Real User Monitoring for web applications. With this setting enabled, no input data is captured. Instead, generic values are used as the basis for user action names.

Privacy regulations applicable to Dynatrace?

Monitoring solutions are designed to capture and retain transaction data that typically contain personal information such as social security numbers and credit card information. APM solutions handle this data carefully and don't inhibit your company's compliance with industry regulations. Your organization must however consider APM products and practices within the context of your organization's security and risk management practices. The sections below provide brief summaries of key data-protection laws and how these laws influence APM processes.

Security measures applied to Dynatrace environments?

Our development processes, operations, and infrastructure follow a comprehensive set of security policies that are reviewed at least annually and communicated to all employees. These policies ensure confidentiality, integrity, and availability of our systems and enable us to provide the best possible service to our customers. This page provides an overview of the measures we've taken to secure our hosting environment.

Log Analytics?

RUM and Log Analytics may capture personal data in unplanned situations. For example, personal data may be included in a stack trace, crash dump, or error log. In such situations, personal data is collected solely to provide high-quality service and performance monitoring. We use such data only in exceptional situations (for example, following crashes or to resolve support requests).

What does RUM do for DT?

RUM captures performance metrics from inside a user's browser and offers the ability to identify and track each user session, including entire click paths. This information is needed to monitor performance, provide high-quality service monitoring, and quickly resolve issues when problems are detected.

Data exchange between Managed clusters and Mission Control: Registration

Frequency: Once (after first startup)
Cluster request: License key, cluster ID
Mission Control response: Registration status, username, password

8 of the GDPR rights for EU citizens?

Right to be informed
Right of access
Right to rectification
Right to object
Right to erasure ("the right to be forgotten")
Right to data portability
Right to restrict processing
Rights regarding automated decision-making and/or profiling

Manage user groups and permissions

The Dynatrace permission management system makes it easy to manage permissions for groups. The permissions system isn't based on hierarchical roles, but rather on groups, reflecting Unix- and Windows-based permissions. It enables you to create groups that have pre-defined (fully customizable) permissions sets—users added to a group inherit the permissions of that group.

DT's view of data privacy and security?

The European Union's General Data Protection Regulation (GDPR) modernizes the protection of personal data in response to an evolving technology landscape, increased globalization, and complex international data flows. GDPR privacy rights provide all EU citizens with an increased control over their personal information, while holding the companies they interact with accountable for transparency, fairness, and accuracy in how they collect, store, use, and protect personal data.

What is GDPR?

The General Data Protection Regulation for EU citizens defines EU citizens' rights regarding their personal data. For more details, see our GDPR compliance page.

What is HIPAA?

The Health Insurance Portability and Accountability Act of 1996 is a United States federal law that defines standards for electronic health care transactions. HIPAA addresses the security and privacy of patient data and social security numbers. Data transmission must be encrypted and access to health data must be protected.

OneAgent SDK for Android

The OneAgent SDK for Android can be used to report additional details about the mobile user sessions in your app. The OneAgent SDK for Android enables you to create custom user actions, measure web requests, report errors, and tag specific users. This topic explains how to enable these capabilities. You can use the OneAgent SDK either with the Dynatrace Gradle plugin or the command line. You must use the OneAgent SDK when you want to manually instrument your Android app.

What is PCI DSS?

The Payment Card Industry Data Security Standard is an information security standard for organizations that handle cardholder information (for example, credit card numbers). The standard was created to reduce credit card fraud. All vendors that conduct credit card transactions over the internet must comply with PCI standards. APM solutions must not leak credit card information.

Security testing

The attack surfaces of our services are minimized based on automated vulnerability scans, regularly conducted external and internal penetration tests, as well as external and internal bug-bounty programs.

Summary of personal data capture scenarios

The following table provides an overview of how data that may include sensitive values may be captured by Dynatrace. Following are definitions of the various scenarios:
1 May contain PII data: PII data may be captured, either intentionally or accidentally.
2 Configurable capture: Data capture is configurable. Data may or may not be captured.
3 Captured by default: This data is captured by default.
4 Masked by default: If captured, the data is masked by default.
5 Masking on display: If captured, the data is masked on display by default.
6 Masking on storage: If captured, the data is masked before storage by default.
7 Masking on capture: If the data is captured and masking is enabled, the data is masked upon

Real User Monitoring (RUM) and personal data

The recording of personal data is acceptable under the General Data Protection Regulation (GDPR) as long as the data collection is proportionate. A data controller must:
Record minimal personal data and process it safely.
Adhere to obligations that ensure rights, such as the right to information and the right to be forgotten.

User tracking

This setting allows you to enable or disable the use of persistent cookies that detect and track returning users. When enabled, Dynatrace Real User Monitoring sets a persistent cookie in end-user browsers that detects if the browser has been used previously to access your application. When disabled, the Returning vs. new users RUM metric no longer works because Dynatrace is no longer able to correlate anonymous user sessions with tagged user sessions.

What is unintended data collection?

Through improper implementation or configuration, it's possible that a web application may perform unintended data collection. It's the responsibility of each organization to ensure that personal data are captured responsibly. If you become aware of any unintended data collection, or have any concerns about data privacy, please contact us at [email protected] so that we can look into the details and work with you on a resolution.

Cookie opt-out capability

To provide your end users with a cookie opt-out capability, Dynatrace must be configured appropriately. Usually Dynatrace creates tracking cookies automatically. When using cookie opt-in mode, Dynatrace RUM tracking is disabled by default and no cookies are created. When an end user accepts your cookie policy (opt-in mode), Dynatrace RUM is enabled by calling dtrum.enable() within the JavaScript code module. Following this method invocation, Dynatrace tracking cookies are created and RUM is activated.

Data exchange between Managed clusters and Mission Control: Updates

Frequency: Once each hour
Cluster request: n/a
Mission Control response: For cluster updates: version, description, download URL, size. For OneAgent and JavaScript tag updates: label, version, download URLs. For ActiveGate updates: label, version, download URLs

Crash reporting

disabled: Crash reports aren't sent to Dynatrace
enabled: Crash reports are sent to Dynatrace

How do you report a vulnerability to DT?

If you have security concerns or suspect a vulnerability in a Dynatrace product or service, we encourage you to report the vulnerability to us immediately. To help us quickly respond to any suspected vulnerability, please provide all information (for example, proof-of-concept exploit code, tool output, affected product or component, and version number) that will help us reproduce and evaluate the severity of the problem. All information you provide to Dynatrace will be kept confidential. We'll respond to you, acknowledge receipt of your vulnerability report, and outline the next steps.

Data collection level

off: No data is captured.
performance: OneAgent only captures anonymous performance data. Monitoring data that can be used to identify individual users (for example, user tags or custom values) isn't captured.
user behavior: Both performance and user data are collected. In this mode, OneAgent recognizes and reports on users who re-visit your app in future sessions.

Data privacy settings for mobile apps

To ensure that your mobile apps are compliant with GDPR (or the Google prominent disclosure requirement), you must secure your end users' permission to capture their personal data and receive crash reports from their mobile devices. Starting with OneAgent for Mobile 7.1.4, there is a setting called User opt-in mode that allows you to implement such behavior. This allows you to control the monitoring data that are captured and whether or not crash reports should be sent on a per-user basis.

If your organization provides an end-user opt-out feature for cookies what must you do?

You must use the opt-in mode command to enable use of Dynatrace cookies and thereby enable Dynatrace RUM. Once your users have opted into our cookie policy, you must additionally run the command dtrum.enable() in the JavaScript code module.

Capture anonymous user sessions for "Do Not Track" enabled browsers

(Enabled by default) Captures user sessions from the browser, but excludes all personal information that could lead to the identification of the user. The IP address is masked and no user tag information is sent. Note: With the User tracking setting enabled (see above), Dynatrace still sets a persistent cookie to detect returning browsers.

Data exchange between Managed clusters and Mission Control: Installation

Frequency: Once during installation and during every upgrade
Cluster request: License key
Mission Control response: Account name, license name, OneAgent installation flag (true/false), OneAgent download URL

Failover & backups

For backup purposes (and for high availability across multiple data centers) we operate clusters in multiple AWS availability zones. Although captured monitoring data is mirrored to multiple availability zones, a customer's data will never be sent outside of the originating geographic region (United States, European Union, or Australia). For example, monitoring data captured in Ireland remains in the EU as Irish backups are mirrored to clusters in Germany.

Data exchange between Managed clusters and Mission Control: Health check

Frequency: Once every 5 minutes
Cluster request: Cluster ID, privacy settings, time zone, traffic size, update/maintenance window. Each cluster node adds technical details including OS name and version, number of CPU cores, CPU load, total RAM, free RAM, total disk storage, used storage, server state, master node flag (true/false), and startup time stamp. Each Cluster ActiveGate adds its version, OS name and version, status, certificate issuer, and type (e.g., beacon forwarder).
Mission Control response: Health status, message

Restrict access to personal data

If your organization captures personal user data such as email addresses, IP addresses, or passwords in the course of monitoring, you should restrict view access to these personal data so that only authorized users can view them. Only users with the View sensitive request data permission can override data masking settings.

Enable User opt-in mode for your mobile app

User opt-in mode must be enabled at build time and you must have the latest version of OneAgent for Mobile (v7.1.4 or above). In addition, you must implement a privacy settings page that allows each individual user of your app to control their preferences and store them using the new API. The following steps describe the workflow for setting up user opt-in mode.
1 Enable user opt-in mode at build time of your app by setting the DTXUserOptIn flag.
2 At startup, OneAgent for Mobile checks the enabled settings of the device. By default, the data collection level is set to off and crash reporting is disabled so that, upon the first startup of the app, no data is shared with Dynatrace.
3 Your app checks if the user has agreed to your privacy policy. If not, a dialog is displayed (see example below), asking for the user's permission. To develop your organization's own privacy policy language, have a look at the example policy texts that we've provided.
4 Once the user has confirmed their settings, you can use the new API calls to store the user's preferences.
5 Upon the following startup of your app, OneAgent for Mobile applies the new settings and reports only as much data as the user has agreed to share with Dynatrace.

Incident response

We continuously monitor the security of our hosting environment. In case of security incidents, we thoroughly evaluate detected problems and the underlying root causes. We then define and implement countermeasures and required improvements.

Evaluate & respond

When we receive a vulnerability report, we thoroughly investigate the severity of the security problem and share the results with you, along with any remediation effort and plans for public disclosure. During this process, we keep you regularly informed of our progress. We treat all reported vulnerabilities seriously. We ask for your understanding that remediation of valid security problems takes time. The amount of time varies based on the complexity and severity of each vulnerability. We respectfully ask you not to publish any information about reported vulnerabilities before we've analyzed them, addressed them, and informed our customers (if required), as doing otherwise could put our customers at risk. Please don't share or publish any data that belong to our customers.

What is Log Analytics?

With Dynatrace Log Analytics, you gain direct access to the log content of all your system's mission-critical processes. It's easy to search for specific log messages that you're interested in. Log content can be filtered based on keywords or timeframe. You can even analyze multiple log files simultaneously—even when log files are stored across multiple hosts. Most significantly, Dynatrace artificial intelligence automatically correlates relevant log messages with any problems that it detects in your environment. Relevant log messages that are associated with problems are then factored into problem root-cause analysis.

User opt-in mode

With opt-in mode enabled, injected JavaScript Real User Monitoring code doesn't capture any data or set cookies. Data capture and cookie usage can, however, be enabled for individual users using the JavaScript API call dtrum.enable(). This allows you to implement an opt-in setting that enables your customers to comply with the data privacy standards of their region.

Opt-in mode

With opt-in mode enabled, the injected JavaScript Real User Monitoring code won't capture any data or set cookies. Data capture and cookie usage can, however, be enabled for individual users using the JavaScript API call dtrum.enable(). This allows you to implement an opt-in setting that enables your customers to comply with the data privacy standards of their region. During the course of Dynatrace monitoring—even following Real User Monitoring code snippet injection into your application—if your customers don't have a Dynatrace cookie set in their browser, no RUM monitoring data will be captured. You must explicitly call the JavaScript API call dtrum.enable() from each of your customers' browsers to activate monitoring-data capture.
