Whether it is an online store, a service center, or some other web application, almost all of these need to store information about end users. User profiles, credentials, transaction details, and activity tracking are just a few of the sensitive pieces of data that you may be capturing. Passwords and credit card numbers are the most obvious concerns for security and privacy violations. To secure sensitive information, you follow best practices, save as little data as possible, and try to keep what is saved secure. However, is this enough? The answer is very complicated.
Basically, it depends on regulations (which vary geographically), privacy standards, and the nature of your business. You can read loads of articles about privacy and personal identification information (PII) and even hire consultants to help you make sure you follow the standards. If you’re working for an enterprise company, you have to meet the privacy standards before going live with real customers, no matter what.
While it is clear that you control the sensitive information in your own databases, how do you ensure that the tools and services you use that have access to your data (such as monitoring and analytics tools) do not also store that sensitive information?
The PII and the problem resolution question
Some of the most prominent tools and services that store parts of your app information, including potentially PII, are in the application performance management (APM) space. As a part of their standard behavior, they store detailed information on your app, including input data to your app, as well as various execution data in your app. Some even go as far as providing a black-box equivalent for your app execution flow, with detailed information about each and every function call, argument, and return value. By definition, they can end up storing PII – which can often be against your company policy.
So here is the question – should you give up on using these powerful systems, which can be invaluable in both identifying and solving production issues, because they may result in non-compliance? Thankfully, while some systems don’t provide a solution for this challenge, others do have ways to mask sensitive data, allowing you to take advantage of the increased productivity without putting your customers’ data at risk.
Support for PII on Zend Server 9.1
Zend Server is used by most of our customers for root-cause analysis. Our Monitoring Events system, Code Tracing, and Z-Ray are excellent tools to reproduce problems and nail down errors and bugs. All three store tracing information in the Zend Server database. However, with the newly released Zend Server 9.1, we’ve added support for PII. Zend Server does not dictate what data needs to be masked; it gives you full configuration and control. You define a set of privacy rules and the server enforces the masking accordingly.
Here is the configuration page in Zend Server:
In order to cover all possible text values when masking data, 3 categories are defined:
- Sensitive values: Hide sensitive data/values such as function arguments and returned values, using regular expressions, for example hiding credit card numbers.
- Sensitive functions: Hide sensitive input parameters in functions such as login() or connect(). Function names can be given with or without their scope (class names or namespaces), and wildcards are supported.
- Sensitive keys: Hide sensitive values for specific identifiers/keys such as global variables. Wildcards are supported here as well.
Now, while analyzing Code Traces, Events, or Z-Ray, you’ll see that the values defined in the rules, regardless of the category, are masked with asterisks.
In the example below, function apply_filters() is configured for masking. See how the text value is replaced with asterisks:
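The three rule categories can be prototyped outside the server to check which traced values a rule set would hide before you rely on it. The Python below is an added example, not Zend Server code or its configuration format; the rule lists, the trace record shape, and all function names are assumptions made for illustration.

```python
import re
from fnmatch import fnmatchcase

# Hypothetical rule set mirroring the three categories (not Zend Server's format).
VALUE_PATTERNS = [re.compile(r"\b\d(?:[ -]?\d){12,18}\b")]  # card-like digit runs
FUNCTION_RULES = ["login", "*::connect", "apply_filters"]   # scope optional
KEY_RULES = ["password", "*_token", "_SESSION"]             # wildcards allowed


def _stars(text):
    return "*" * len(text)


def function_is_sensitive(name):
    """Match the rule against the full name and the name without its scope."""
    bare = re.split(r"::|\\", name)[-1]
    return any(fnmatchcase(name, r) or fnmatchcase(bare, r) for r in FUNCTION_RULES)


def mask_value(value, force=False):
    """Mask a traced value recursively; force=True hides everything below."""
    if isinstance(value, dict):
        return {k: mask_value(v, force or any(fnmatchcase(str(k), r) for r in KEY_RULES))
                for k, v in value.items()}
    if isinstance(value, (list, tuple)):
        return [mask_value(v, force) for v in value]
    text = str(value)
    if force:
        return _stars(text)
    masked = text
    for pattern in VALUE_PATTERNS:
        masked = pattern.sub(lambda m: _stars(m.group()), masked)
    return masked if masked != text else value


def mask_trace_entry(entry):
    """Apply all three rule categories to one constructed trace record."""
    hide_args = function_is_sensitive(entry["function"])
    return {"function": entry["function"],
            "args": [mask_value(a, hide_args) for a in entry["args"]],
            "return": mask_value(entry["return"])}


# Constructed sample records, not real trace output.
SAMPLES = [
    {"function": "Auth\\User::login", "args": ["alice", "hunter2"], "return": True},
    {"function": "render", "return": "ok", "args": [
        {"user": "bob", "password": "s3cret", "note": "card 4111 1111 1111 1111 on file"}]},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(mask_trace_entry(sample))
```

Running sample records like these through a rule set shows gaps early: a card number stored as an integer, or a secret under a key the wildcard does not cover, would otherwise reach the trace store unmasked.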
Take action, your customers trust you.
First, review all customer-related information that is stored in your database and make sure you take security measures to hide sensitive information.
Next, review all the tools and services you use, find out what data they retrieve, and make sure they follow the PII standards as well.
Finally, review your code and try to identify all functions, keys, and values that may leave traces of private user information. Configure Zend Server to mask these values for you.
Not an easy task I know, but hey, you want your customers to trust you, no matter what your business is, right?