cancel
Showing results for 
Search instead for 
Did you mean: 
canvas_support6
Community Participant

Does Canvas have an Obfuscation tool to apply to test and beta environments?

Jump to solution

Hi All,

   As you know the Canvas clusters all clone top level data down to the test and beta environments on a regular bases. This can be helpful for Support departments to reproduce issues and as a UAT environment before releasing. It does however pose some security issues where this data could get accessed and not leave an audit log around to trace the activity.

   Does Canvas offer a standard Obfuscation tool that would allow all or parts of this data to be masked? If so can I be directed towards some documentation and what is the process of testing and deploying it?

Thanks,

Simon   

Labels (1)
Tags (1)
0 Kudos
1 Solution

Accepted Solutions

Hi Simon,

Yes, you are correct.  I misspoke there.  I was thinking that only admins are allowed to log into these other instances but you are correct, the account information is there which from a data security/privacy perspective is the important thing.  To answer your question, I don't think Canvas has the kind of obfuscation functionality you are looking for but I can see why you would want it.

View solution in original post

0 Kudos
7 Replies
scottdennis
Community Team
Community Team

Hi Simon,

Do I understand correctly that you are wanting to know if there is a way to protect access to test and beta environments other than only allowing admins to authenticate to those instances?

canvas_support6
Community Participant

Hi Scott,

   We already protect access via non production SAML Authentication. But have a legitimate need for Tests and some staff to access these environments for UAT. 

   I am looking for a way to prevent production data making its way into non production to reduce the risk of accidental exposure. I had heard Canvas have an obfuscation tool that can execute around the time or shortly after cloning the data. I would like to explore this option before looking at other solutions.

 

Thanks,

Simon 

  

scottdennis
Community Team
Community Team

Hey Simon,

If I am understanding what you are asking about correctly, I think the short answer is no, that doesn't exist in Canvas.  I will say however that beta and test do have audit logs although they might not be reflected in Canvas Data.  Test and beta have the same security controls as production.  Also, by default those environments don't have all the users provisioned to them.

canvas_support6
Community Participant

Hi Scott,

   WRT

"beta and test do have audit logs although they might not be reflected in Canvas Data."

   Are you saying I can obtain audit logs for test and beta prior to the last refresh? 

"by default those environments don't have all the users provisioned to them"

   This is not my experience. In our environments all user accounts are present in test and beta with their original roles. Do we have a setting enabled that is doing this? if so can you tell me the name and location of the setting?

Thanks,

Simon

 

canvas_support6
Community Participant

Hi Scott,

   you mentioned

"by default those environments don't have all the users provisioned to them"

   This is not my experience. In our environments all user accounts are present in test and beta with their original roles. Do we have a setting enabled that is doing this? if so can you tell me the name and location of the setting?

 

Thanks,

Simon

Hi Simon,

Yes, you are correct.  I misspoke there.  I was thinking that only admins are allowed to log into these other instances but you are correct, the account information is there which from a data security/privacy perspective is the important thing.  To answer your question, I don't think Canvas has the kind of obfuscation functionality you are looking for but I can see why you would want it.

View solution in original post

0 Kudos
canvas_support6
Community Participant

thanks Scott.