User Anonymizer

User Anonymizer is intended to help companies meet their anonymization needs. This add-on component and its functionality are inspired by the 'right to be forgotten' (i.e., one aspect of the European General Data Protection Regulation (GDPR)). However, there may also be other reasons to anonymize a user as part of an established data clean-up routine / record management policy.

The User Anonymization process consists of replacing a deleted user's STEP ID with an anonymous ID. Once the User Anonymizer process has completed, anonymization is implemented as follows in both workbench and Web UI:

  • Revision logs
  • Workflow status logs
  • Object change logs

Important: Before using this functionality, users should confirm that they are not breaking any retention policies or legal obligations regarding the maintenance of record history. Be aware that anonymizing log files goes against the recommendations of security standards like the OWASP Application Security Verification Standard. In general, Stibo Systems does not recommend using this functionality unless there are very vital business and/or legal reasons for doing so.

Starting the Anonymization Process

User Anonymizer is done via the workbench by admin users, and anonymizing can only be done to deleted users. This topic does not cover how to delete users. For more information on deleting a user, refer to the Removing a User from a Group section of the Working with Users topic here.

  1. In workbench Tree, go to the Maintain menu and select User Anonymizer.

  1. Enter the STEP ID of the deleted user to be anonymized. The ID is not case sensitive.

If you enter the ID of an active user, the following message is displayed and cannot move ahead:

  1. Click Next.
  2. Select 'Later' to enter the date and time to run the process. It may be best for you to do the anonymization after regular business hours. Or, you may leave the default setting of 'Now' selected, and the process will run once you exit the User Anonymization Wizard.

  1. Click Finish.

Example: Anonymizing a User

The following example follows user ‘Sam Smith’ as their ID is anonymized.

SAM.SMITH is the user identified in a number logs. For example:

Sam Smith’s User ID (SAM.SMITH) is deleted since Sam moved to a new position and no longer accesses a STEP system. It is not vital to the business, nor is there a legal reason, to keep these records.

The admin user running the User Anonymizer process enters ‘SAM.SMITH’ in the ID field and clicks Next.

Sam has been at the company for years, Because there are extensive records to anonymize, the process is scheduled for an off time so that there is no business impact as the process runs.

A background process begins, and an Execution Report shows when the anonymization is complete.

The new anonymized ID shows in place of Sam’s ID in the following places:

  • [Object] Change Log (in this example, it is the change log for the 'Short Description' attribute)

  • Revision Log

  • Workflow [State] Log

Additionally, the user ID is also anonymized within an object's 'Last edited by' aspect.

While the examples in this topic are all showing the User Anonymizer end results in workbench, the anonymization is visible in Web UI, where configured and applicable (as a starting point, refer to the Web User Interfaces documentation here). For example, revision information on the Multi Revision screen: