Censoring recorded data
When the Session monitor app is collecting keystroke and clipboard data, users may be required to enter personal data that should not be visible. You can restrict sensitive data from being shown by using Recorded data censorship rules. These rules use a regular expression that, when satisfied, will replace any data captured from keystrokes and clipboard with a series of repeating characters.
There are four shipped censorship rules:
CC – censors credit card numbers
PASSWORD – censors passwords with at least 7 characters, mixed case, 3 letters, 1 digit
SIN – censors social insurance numbers
SSN – censors social security numbers
To add a new censorship rule:
Navigate to Manage the system > Privileged access > Recorded data censorship rules.
Click Add new… button.
Configure the following information:
Provide a unique ID for the rule
Provide a Description for the rule
Set a Regular expression for the types of strings to censor.
(Optional) Set a character to censor the value in the Replace with field.
Select the Enabled checkbox.
Click Add.
By default, the shipped censorship rules are enabled. You can modify these rules to not censor data by deselecting the Enabled checkbox.
After a session has been captured, when users request and view the keystrokes and clipboard values of the session, all instances where the censorship rules are applied to display the Replace with character. For example, the SIN number 123-456-789 will be set to ###########. This process is done when smonprocessmeta is run.