Data Security
Feature
A Data Security mechanism is available in Germain to dynamically make data (a.k.a. “facts” collected by Germain) visible or not to a Germain User.
Each individual “fact” in the Germain data model can be secured by a Security Script that your organization can inject into Germain. That Security Script is inserted:
Either in a Germain RUM JS’s Init Script, for User Session Replay-related data
Or in a “rule” for other fact/data (that you configure Germain to collect) and visible at Germain Workspace > Left Menu > Analytics > Rules.
Dynamic Data-driven Security Setting for User Sessions
The visibility of recorded user sessions can be dynamically configured as Germain UX collects and analyzes them.
Use Case with this Financial organization
This client, a financial stock trading platform, needed Germain UX to dynamically authorize (or not) a User/Team to view User Sessions (recorded by Germain in real-time) based on the type of financial transaction that occurred (buying/selling of stocks, ETFs, etc.). In other words, not every Germain user can watch or replay any recorded sessions; instead, a Germain user can only watch/replay the sessions that she/he is entitled to view, based on the nature of the trading.
Team A has full access to the Germain Session Replay dashboard but can only replay sessions related to trading of Stock ABC.
Team B has full access to the Germain Session Replay dashboard but can only replay sessions related to trading of Stock DEF.
To achieve this, the client customized Germain RUM JS’s init script with the following logic.
Example of Germain RUM JS’s init script:
Example to add access controls to all facts including replay:
/**
 * Sets all facts (and the Replay itself) to be visible based on the user being monitored
 *
 * In the example below:
 * - Application User is an Admin user - Data visible to Germain UX Technical team only
 * - Application User is a Business user - Data visible to Germain UX Technical team OR Germain UX Business team
 * - Application User is any other type - Data visible to all Germain UX users
 */
settings.application.metadataProviders['access'] = function(window) {
  // These constants are available from the Teams view in Germain UX
  const technicalTeamAccessId = 't0';
  const businessTeamAccessId = 't1';

  // NOTE: `user` is not defined in this snippet; it stands for the monitored
  // application's current-user object, which your own application logic must supply.
  if (isAdminUser(user)) {
    // If the user being collected is an Admin user (within the application being
    // monitored), only allow the Technical Team (in Germain UX) to access the replay
    return technicalTeamAccessId;
  } else if (isBusinessUser(user)) {
    // If the user being collected is a Business user (within the application being monitored),
    // allow the Technical Team (in Germain UX) or Business Team (in Germain UX) to access the replay
    return `${technicalTeamAccessId} || ${businessTeamAccessId}`;
  }

  // Otherwise any Germain UX user can view the replay
  return undefined;
};

function isAdminUser(user) {
  // custom application logic here...
  return user.type === 'Admin';
}

function isBusinessUser(user) {
  // custom application logic here...
  return user.type === 'Business';
}
Example to add access controls to a specific type of fact (in this example UxConsoleEvent), not including replay:
/**
 * Sets UxConsoleEvents to be visible based on the user being monitored
 *
 * In the example below:
 * - Application User is an Admin user - Data visible to Germain UX Technical team only
 * - Application User is a Business user - Data visible to Germain UX Technical team OR Germain UX Business team
 * - Application User is any other type - Data visible to all Germain UX users
 */
settings.application.factProcessor = (fact) => {
  if (fact.myClassName === 'UxConsoleEvent') {
    // These constants are available from the Teams view in Germain UX
    const technicalTeamAccessId = 't0';
    const businessTeamAccessId = 't1';

    // NOTE: `user` is not defined in this snippet; it stands for the monitored
    // application's current-user object, which your own application logic must supply.
    if (isAdminUser(user)) {
      // If the user being collected is an Admin user (within the application being monitored),
      // only allow the Technical Team (in Germain UX) to access this fact
      fact.access = technicalTeamAccessId;
    } else if (isBusinessUser(user)) {
      // If the user being collected is a Business user (within the application being monitored),
      // allow the Technical Team (in Germain UX) or Business Team (in Germain UX) to access this fact
      fact.access = `${technicalTeamAccessId} || ${businessTeamAccessId}`;
    } else {
      // do nothing, this will mean the fact is visible to all Germain UX users
    }
  }
};

function isAdminUser(user) {
  // custom application logic here...
  return user.type === 'Admin';
}

function isBusinessUser(user) {
  // custom application logic here...
  return user.type === 'Business';
}
Notes
The isAdminUser and isBusinessUser functions would contain logic based on the monitored application.
This logic is completely customisable; the above are only examples. The important parts are:
In the first example, settings.application.metadataProviders['access'] should return the access expression
In the second example, settings.application.factProcessor should set the fact.access property to the access expression for the fact
We support complex syntax for these access expressions:
t1 => only members of the Team with accessId t1 can see the data
t1 || t2 => members of either Team with accessId t1 OR t2 can see the data
t1 && t2 => members must be members of both Teams with accessId t1 AND t2 to be able to see the data
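An access policy like the ones above can be checked offline before it goes into the init script, by listing who would see what. The following is an added example, not Germain's evaluator and not code from the original page: accessFor, parseAccess, canView and visibilityMatrix are hypothetical names, and it assumes accessIds are word characters, that expressions contain no parentheses, and that && binds tighter than ||.

```javascript
// Added example (not Germain code): offline check of an access policy.
// Assumptions: accessIds match \w+, no parentheses, `&&` binds tighter than `||`.
const TECH = 't0';      // Technical team accessId, as in the page's examples
const BUSINESS = 't1';  // Business team accessId, as in the page's examples

// Same decision logic as the page's init-script example, as a pure function.
function accessFor(user) {
  if (user.type === 'Admin') return TECH;
  if (user.type === 'Business') return `${TECH} || ${BUSINESS}`;
  return undefined; // visible to all Germain UX users
}

// Parse "a && b || c" into [[a, b], [c]]; reject anything malformed so a
// typo in the policy fails loudly instead of silently changing visibility.
function parseAccess(expr) {
  return expr.split('||').map((term) =>
    term.split('&&').map((raw) => {
      const id = raw.trim();
      if (!/^\w+$/.test(id)) {
        throw new SyntaxError(`malformed access expression: "${expr}"`);
      }
      return id;
    })
  );
}

// True if a viewer who belongs to `viewerTeams` may see data tagged `expr`.
function canView(expr, viewerTeams) {
  if (expr === undefined) return true; // no restriction set
  const teams = new Set(viewerTeams);
  return parseAccess(expr).some((all) => all.every((id) => teams.has(id)));
}

// Constructed sample data: monitored-user types x Germain viewer memberships.
function visibilityMatrix() {
  const viewers = { technical: [TECH], business: [BUSINESS], noTeam: [] };
  const rows = {};
  for (const type of ['Admin', 'Business', 'Other']) {
    rows[type] = {};
    for (const [name, teams] of Object.entries(viewers)) {
      rows[type][name] = canView(accessFor({ type }), teams);
    }
  }
  return rows;
}

console.table(visibilityMatrix());
```

In the resulting table, the row for Admin sessions should show access for the technical viewer only; any other true value in that row means the policy exposes more than intended.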
Service: Automation
Feature Availability: 2021.2 or later