Skip to content
Browsium Documentation Portal Browsium

Privacy Page

BCMS and Proton include a Privacy mode to comply with certain international regulations on tracking specific activity to specific users. When Privacy is enabled, all information that can be used to trace user activity back to an individual will be removed. All personally identifiable information from all client user accounts that meet any of the criteria established in the Privacy settings will be removed.

Once personally identifiable information is removed, it cannot be restored. To ensure regulatory compliance there is no mechanism to uniquely identify the user for which activity or data is associated. A unique ID is created to ensure records can be uniquely attributed but that ID has no association to a user and cannot be reverse engineered to identify the specific user.

Privacy is disabled by default.

To enable Privacy for all client user accounts, select the ‘Privacy enabled for all users’ button. Then select the scope — either ‘Anonymize users’ to only anonymize usernames and IP addresses, or ‘Anonymize users and machines’ to also anonymize machine names. Then Save Changes to commit the Privacy setting. This will anonymize all client user accounts, IP addresses, and (optionally) machine names for all activity from this point forward. It will not retroactively anonymize any prior activity. If you’ve already collected activity data, it will remain in the database and be visible on reports until that data is purged by the data retention policy settings.

Anonymized activity data will be evident in three fields: User, IP Address, and (optionally) Machine. In the example below, the user who accessed www.msn.com has been anonymized to Anonymous155. (The next anonymized user seen by this Proton server will be Anonymous156.) The IP Address has also been anonymized, zeroing out the last octet. Machine anonymization is not enabled in this example.

Maintaining unique anonymized user and machine names is key to Proton’s ability to track access counts and other data for each web application used by your organization. While the activity can’t be tracked to an individual user, a unique ID is created to enabled correlation with other data to ensure the organization can make informed decisions when managing the web browser and web application environment.

To enable more granular control over which client user accounts are anonymized on your Proton server, select the ‘Privacy enabled for some users’ button. This expands the controls available on the privacy page.

It is possible to limit the privacy settings by Organizational Unit, Active Directory Sites, or IP Address ranges. You can read from existing data to add OU or AD Sites filtering, or add new entries based on your knowledge of your Active Directory structure.

Add multiple IP address ranges by clicking the ‘Add Range’ button.