- 03 Jan 2025
Erasure of Personal Data in OneSpan Authentication Server Appliance
- Updated on 03 Jan 2025
The GDPR grants users a “right to be forgotten”: your organization is obliged to erase personal data once it is no longer needed for the original purpose for which it was collected, processed, and stored. To comply with the GDPR, an individual's user-related data stored and/or processed in OneSpan Authentication Server Appliance must be deleted upon request.
OneSpan Authentication Server Appliance uses an individual's personal data for authentication and auditing purposes. For an overview of the personal data stored in OneSpan Authentication Server Appliance, see Types of personal data in OneSpan Authentication Server.
Deleting personal data used for authentication
In the OneSpan Authentication Server Appliance user database, personal data is collected and processed for authentication purposes. If the end user no longer wants to use OneSpan Authentication Server Appliance for authentication, the user's personal data must be removed from the user database.
Deleting personal data used for auditing
Personal data is also collected in OneSpan Authentication Server Appliance over a given period for auditing purposes, for example, to enable administrators to consult the logs to troubleshoot issues or investigate incidents. The audit data are stored in different locations:
- Audit database
- Event logs: Linux syslog
- Audit Viewer
To comply with GDPR, audit records must be deleted after a certain period has passed.
The length of the period after which personal data used for auditing must be deleted is to be defined by your organization; it is not pre-configured in OneSpan Authentication Server Appliance.
Audit database
To ensure that all personal data is removed as required, audit data older than the period your organization has defined must be deleted from the OneSpan Authentication Server Appliance audit database. This can be done via the Administration Web Interface and the Delete Audit Data Wizard. Audit data can also be exported via the Configuration Tool Audit Viewer at Monitoring > Audit Logs, or the Log File Management page at Monitoring > Log File Management. The Log File Management page also lets you delete the oldest audit database entries.
With the Delete Audit Data Wizard you can either delete audit records immediately or schedule a task for the deletion. You can also configure this as a recurring task that deletes audit records at regular intervals.
If you use the Delete Audit Data Wizard to erase the data, audit data older than the specified date will be removed!
For more information about task management and more detailed instructions for audit message export and task-based erasure of audit data, refer to the OneSpan Authentication Server Appliance Administrator Guide.
Audit Viewer and event logs
There is no need to delete any data displayed in the Audit Viewer because records shown here are only stored as long as the Audit Viewer application is running.
It is possible to configure OneSpan Authentication Server to send its audit log files to the OneSpan Authentication Server Appliance syslog. Old syslog files can be deleted via the Log File Management page.
Diagnostic log files
OneSpan Authentication Server Appliance offers tracing for troubleshooting purposes. The level of tracing used by OneSpan Authentication Server Appliance can be configured in the Configuration Tool via Authentication Server > Tracing Settings. Trace files can be downloaded and deleted via the Log File Management page.
We strongly recommend using the tracing feature only for troubleshooting purposes, and disabling it when OneSpan Authentication Server Appliance is used in production mode to enhance server performance.
When tracing is enabled in OneSpan Authentication Server Appliance, the system creates a diagnostic log file. This file is a binary log file that contains the same information as the text log file. Our technical support staff uses this diagnostic log file for troubleshooting purposes.
The binary diagnostic log file cannot be manually downloaded or deleted via the OneSpan Authentication Server Appliance Configuration Tool—it is deleted automatically when tracing is disabled.
When troubleshooting OneSpan Authentication Server Appliance components and side products, keep in mind that the following have their own tracing facilities:
- Data Migration Tool
- Digipass Authentication for Windows Logon
- LDAP Synchronization Tool
- Message Delivery Component
- Password Synchronization Manager
The tracing logs of these components/side-products must be rotated at regular intervals. For more information, refer to the OneSpan Authentication Server Appliance Administrator Guide.