Show Contents / Index / Search

Configure Information Privacy

With Reflection Information Privacy, you can protect sensitive data such as credit card Primary Account Numbers (PANs), phone numbers, and US Social Security numbers. Information Privacy allows you to configure Reflection so that the sensitive data is not displayed on the screen or in productivity features, such as Screen History. It also allows you to require secure connections.

You can configure Information Privacy with the ACT tool or with Group Policy.

To set up Information Privacy with the ACT tool

  1. On a workstation on which you have installed Reflection, open the Attachmate Customization Tool from a desktop shortcut (if you set up a shortcut) or from a command line as follows:

    path_to_setup\setup.exe /admin

  2. In the Select Customization dialog box, select Create a new Companion installer, and then click OK.
  3. On the navigation pane, click Specify install locations.
  4. Under Installation type, select Installs only for the user who installs it.
  5. On the navigation pane, click Modify User Settings.
  6. In the Make changes to user settings... panel, under Application - Settings, select Reflection 2011-Workspace Settings and then click Define.
  7. Under Trust Center, click Set Up Information Privacy.
  8. Follow the instructions in Set Up Information Privacy Dialog Box and in the Setting up Information Privacy pdf (http://support.attachmate.com/manuals/reflection2011.html).

    If you need to...

    Do this...

    Redact certain patterns of data that are outside the realm of credit card formats (e.g., US Social Security numbers).

    Set up Privacy Filter Redaction Rules and Privacy Filters.

    Redact credit card Primary Account Numbers (PANs) to meet PCI DSS requirements.

    PCI DSS (Payment Card Industry Data Security Standard) is a worldwide standard comprising technology requirements and process requirements designed to prevent fraud and is published by PCI Security Standards Council, LLC (https://www.pcisecuritystandards.org/). All companies who handle credit cards are likely to be subject to this standard.

    Set up Primary Account Number (PAN) Redaction Rules and Primary Account Number (PAN) Detection Rules.

    Require secure connections
    (as may be required for PCI DSS compliance).

    Set up PCI DSS Rules.
  9. When you have finished configuring Information Privacy, click OK.

Note: Privacy filter settings are automatically saved in the PrivacyFilters.xml file. For Versions 2 and greater, all other Information Privacy settings are saved in the PCIDSS.settings file. The companion file is automatically configured to deploy these files to [AppDataFolder]\Attachmate\Reflection\Workspace\data_folder (for a single user) or to [CommonAppDataFolder]\Attachmate\Reflection\Workspace\data_folder (for all users). You can deploy the PrivacyFilters.xml file to all users only if you are deploying Reflection 2011 R2 or greater. The first version of Reflection 2011 does not support deployment of this file to all users.

The name of the last folder in these directories (data_folder) is specific to the version of Reflection. For the first version of Reflection 2011, this folder is R2011. For subsequent versions, it is R2011_versionName. For example, for Reflection 2011 R2, this folder is R2011_R2.

To set up Information Privacy with Group Policy

  1. Copy the following files to the central store as follows:

    Copy these files

    To

    ReflectionPCIDSS.admx and ReflectionWorkspace.admx in:

    …\install_dir\Configuration\GroupPolicy\
    ADMX

    %systemroot%\PolicyDefinitions

    ReflectionPCIDSS.adml and ReflectionWorkspace.adml in:

    …\install_dir\Configuration\GroupPolicy\
    ADMX\en-us

    %systemroot%\PolicyDefinitions\
    <locale>
  2. Open the Group Policy Object Editor (gpedit.msc).
  3. Under either the Computer Configuration or User Configuration branch, browse to Administrative Templates | Reflection Workspace | Information Privacy.
  4. In the Information Privacy panel, select and edit the policy settings.

    Note: If you want to include the default regular expressions used for Custom Detection Rules and Custom Exception Expressions, you will need to add these expressions through the Group Policy editor. For detailed instructions, see Technical Note 2576: "Adding Regular Expressions for Custom Detection Rules and Custom Exception Expressions to Group Policy" (http://support.attachmate.com/techdocs/2576.html).