SYS-CON MEDIA Authors: Stackify Blog, Zakia Bouachraoui, Elizabeth White, Pat Romanski, Liz McMillan

Blog Feed Post

How to ensure your customers’ data privacy during monitoring

The personal and professional lives of your customers and other consumers around the world increasingly take place online in the digital realm. It’s therefore not a surprise that data privacy is now such an urgent topic of concern. Countries around the globe have adopted various regulations to ensure the protection of their citizens’ personal information, and more regulation is certainly on the way.

Your responsibilities for ensuring data privacy

As a software vendor, it’s key that you be familiar with all applicable laws in your region and that you comply with these regulations. For us at Dynatrace, this means that we must ensure that our real user monitoring capabilities are implemented in a way that doesn’t compromise the privacy of your personal data or the data of your customers.

Browser cookies

Cookie usage is an important aspect of data privacy. Certain governments, particularly those in the European Union, require that you inform your customers about the use of cookies on your site. For details on Dynatrace cookie usage in support of real user monitoring (or to inform your own web application cookie-usage policies), please see How does Dynatrace use cookies?

Do Not Track (DNT) – HTTP header

Another technique for protecting end-user privacy that’s supported by all web browsers is the Do Not Track HTTP header. With this setting enabled, browsers add an additional HTTP request header to all the web requests they send. This header specifies that all user tracking and analytics must be disabled.

To enable Do Not Track compliance in your Dynatrace environment

  1. Select Applications from the navigation menu.
  2. Select the application you want to configure.
  3. Click the Browse [] button.
  4. Select Edit.
  5. Click the Advanced settings tab.
  6. Set the Ignore Do Not Track HTTP headers switch to the Off position.

Additional cookie usage disclosure laws

In certain regions, simply notifying customers of your use of cookies isn’t sufficient. You may additionally be required to implement dedicated functionality that enables your customers to manually enable/disable performance monitoring of their user sessions. See such an example below, which comes from the BBC website.

Cookie opt-in mode

Dynatrace cookie opt-in mode allows you to implement similar functionality in your own web application. With cookie opt-in mode enabled, the injected JavaScript real user monitoring code doesn’t capture any data or set cookies. Data capture and cookie usage can, however, be enabled for individual users using the JavaScript API call dtrum.enable(). This allows you to implement a cookie opt-in setting that enables your customers to comply with the data privacy standards in their region.

Cookie opt-in mode is available for all applications where the real user monitoring JavaScript code snippet is injected automatically. It’s also available for agentless-monitored applications where the JavaScript code snippet is injected manually.

Even with Dynatrace monitored enabled, if your customers don’t have Dynatrace cookies set in their browsers, no monitoring data will be captured. You must explicitly call the JavaScript API call dtrum.enable() from each of your customers’ browsers to restart monitoring-data capture.

To enable cookie opt-in mode for a web application

  1. Select Applications from the navigation menu.
  2. Select the application you want to configure.
  3. Click the Browse [] button.
  4. Select Edit.
  5. Click the Advanced settings tab.
  6. Set the Enable cookie opt-in mode switch to the On position.

The post How to ensure your customers’ data privacy during monitoring appeared first on Dynatrace blog – monitoring redefined.

Read the original blog entry...

More Stories By APM Blog

APM: It’s all about application performance, scalability, and architecture: best practices, lifecycle and DevOps, mobile and web, enterprise, user experience

Latest Stories
The benefits of automated cloud deployments for speed, reliability and security are undeniable. The cornerstone of this approach, immutable deployment, promotes the idea of continuously rolling safe, stable images instead of trying to keep up with managing a fixed pool of virtual or physical machines. In this talk, we'll explore the immutable infrastructure pattern and how to use continuous deployment and continuous integration (CI/CD) process to build and manage server images for any platform....
AI and machine learning disruption for Enterprises started happening in the areas such as IT operations management (ITOPs) and Cloud management and SaaS apps. In 2019 CIOs will see disruptive solutions for Cloud & Devops, AI/ML driven IT Ops and Cloud Ops. Customers want AI-driven multi-cloud operations for monitoring, detection, prevention of disruptions. Disruptions cause revenue loss, unhappy users, impacts brand reputation etc.
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
Enterprises are adopting Kubernetes to accelerate the development and the delivery of cloud-native applications. However, sharing a Kubernetes cluster between members of the same team can be challenging. And, sharing clusters across multiple teams is even harder. Kubernetes offers several constructs to help implement segmentation and isolation. However, these primitives can be complex to understand and apply. As a result, it’s becoming common for enterprises to end up with several clusters. This...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, answered these questions and demonstrated techniques for implementing advanced scheduling. For example, using spot instances and co...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Public clouds dominate IT conversations but the next phase of cloud evolutions are "multi" hybrid cloud environments. The winners in the cloud services industry will be those organizations that understand how to leverage these technologies as complete service solutions for specific customer verticals. In turn, both business and IT actors throughout the enterprise will need to increase their engagement with multi-cloud deployments today while planning a technology strategy that will constitute a ...
Using serverless computing has a number of obvious benefits over traditional application infrastructure - you pay only for what you use, scale up or down immediately to match supply with demand, and avoid operating any server infrastructure at all. However, implementing maintainable and scalable applications using serverless computing services like AWS Lambda poses a number of challenges. The absence of long-lived, user-managed servers means that states cannot be maintained by the service. Lo...
GCP Marketplace is based on a multi-cloud and hybrid-first philosophy, focused on giving Google Cloud partners and enterprise customers flexibility without lock-in. It also helps customers innovate by easily adopting new technologies from ISV partners, such as commercial Kubernetes applications, and allows companies to oversee the full lifecycle of a solution, from discovery through management.
Using serverless computing has a number of obvious benefits over traditional application infrastructure - you pay only for what you use, scale up or down immediately to match supply with demand, and avoid operating any server infrastructure at all. However, implementing maintainable and scalable applications using serverless computing services like AWS Lambda poses a number of challenges. The absence of long-lived, user-managed servers means that states cannot be maintained by the service. Lo...
Today most companies are adopting or evaluating container technology - Docker in particular - to speed up application deployment, drive down cost, ease management and make application delivery more flexible overall. As with most new architectures, this dream takes significant work to become a reality. Even when you do get your application componentized enough and packaged properly, there are still challenges for DevOps teams to making the shift to continuous delivery and achieving that reducti...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Docker and Kubernetes are key elements of modern cloud native deployment automations. After building your microservices, common practice is to create docker images and create YAML files to automate the deployment with Docker and Kubernetes. Writing these YAMLs, Dockerfile descriptors are really painful and error prone.Ballerina is a new cloud-native programing language which understands the architecture around it - the compiler is environment aware of microservices directly deployable into infra...
10ZiG Technology is a leading provider of endpoints for a Virtual Desktop Infrastructure environment. Our fast and reliable hardware is VMware, Citrix and Microsoft ready and designed to handle all ranges of usage - from task-based to sophisticated CAD/CAM users. 10ZiG prides itself in being one of the only companies whose sole focus is in Thin Clients and Zero Clients for VDI. This focus allows us to provide a truly unique level of personal service and customization that is a rare find in th...