Secure access to applications with personal data

Abstract

Overview of Sitecore applications that expose personal data and how to make them comply with your data privacy policy.

Warning

This Privacy Guide provides technical guidance on how your developers can choose to configure your Sitecore product implementation to support you on your data privacy compliance journey. This guide does not provide exhaustive guidance, and should not be construed or used as legal advice about the content, interpretation, or application of any law or regulation. You, the customer, will always be in the best position to assess your own risks, and must seek your own legal counsel to understand the applicability of any law or regulation to your business, including how you process personal data. Your resulting implementation is based entirely on your own configuration choices.

Ensure that business users with access to back office interfaces such as BizFX or the User Manager on the Content Management role have the appropriate levels of access. Other recommendations include:

  • Use security roles to limit access to Sitecore interfaces. You can use default security roles or create your own.

  • Disable or remove unused user accounts.

  • Limit the number of administrator accounts.

  • Configure a strong password policy.

Applications that expose personal data

The following table lists the business user applications that access and display personal data, and the role that is required to access the application:

| Application | Personal data exposed by application | Role required to access application |
|---|---|---|
| User Manager | User name, user email, and potentially other personal data. | sitecore\Sitecore Client Account Managing |
| Federated authentication | User name, user email, and potentially other personal data. | sitecore\Sitecore Client Account Managing |
| All SPEAK applications | User name. Name is displayed in the SPEAK ribbon. | Any logged-in user |
| List Manager | User email address, user name. | sitecore\List Manager Editors |
| Content Editor | User name in the “Created By” and “Edited By” fields. | sitecore\Sitecore Client Authoring |
| Experience Profile | User name, email, location, and other personal data. | sitecore\Analytics Reporting, sitecore\EXM Advanced Users, sitecore\EXM Users |
| Experience Analytics | Reports by Location, reports by IP, reports by User Agent/Device. | sitecore\Analytics Reporting |
| Email Experience Manager | Accesses recipient lists created by List Manager. | See EXM security roles |
| Marketing automation | User names, email addresses. | sitecore\Marketing Automation Editors. Note: You can export contacts currently enrolled in a campaign to CSV. The CSV includes personal data such as the contact's name and email address. |
| BizFX | Customer name, address, email, order history. | See User roles and permissions for information about Commerce roles |
| Forms | Form submission data. | See The security roles in Sitecore Forms |
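The role-to-application mapping above can drive a periodic access review. The following Python script is an added example, not Sitecore code or part of the original guide: it reads a user export and reports which accounts can reach which personal-data applications, which accounts look unused, and how many administrators exist. The CSV layout, the sample accounts, the 90-day idle threshold and the administrator limit are assumptions made for illustration. Only roles named explicitly in the table are mapped, and each of the three roles listed for Experience Profile is treated as relevant on its own.

```python
import csv
import io
from datetime import date

# Roles named in the table above and the applications each one is listed against.
PERSONAL_DATA_ROLES = {
    r"sitecore\Sitecore Client Account Managing": ["User Manager", "Federated authentication"],
    r"sitecore\List Manager Editors": ["List Manager"],
    r"sitecore\Sitecore Client Authoring": ["Content Editor"],
    r"sitecore\Analytics Reporting": ["Experience Profile", "Experience Analytics"],
    r"sitecore\EXM Advanced Users": ["Experience Profile"],
    r"sitecore\EXM Users": ["Experience Profile"],
    r"sitecore\Marketing Automation Editors": ["Marketing automation"],
}

# Constructed sample data. The CSV layout (roles separated by ";") is an
# assumption for this example, not a Sitecore export format.
SAMPLE_EXPORT = r"""name,is_admin,last_login,roles
sitecore\alice,false,2024-05-28,sitecore\Sitecore Client Authoring
sitecore\bob,false,2023-11-02,sitecore\List Manager Editors;sitecore\Analytics Reporting
sitecore\carol,true,2024-05-30,
sitecore\dave,true,,sitecore\Sitecore Client Account Managing
sitecore\erin,true,2024-05-15,
"""

def audit(export_text, today, stale_days=90, max_admins=2):
    """Map each account to the personal-data applications its roles are listed
    against, and collect unused accounts and administrators for review."""
    report = {"exposure": {}, "stale": [], "admins": []}
    for row in csv.DictReader(io.StringIO(export_text)):
        name = row["name"]
        roles = [r.strip() for r in row["roles"].split(";") if r.strip()]
        apps = sorted({a for r in roles for a in PERSONAL_DATA_ROLES.get(r, [])})
        if apps:
            report["exposure"][name] = apps
        if row["is_admin"].strip().lower() == "true":
            report["admins"].append(name)
        last = row["last_login"].strip()
        # An account that has never logged in counts as unused.
        if not last or (today - date.fromisoformat(last)).days > stale_days:
            report["stale"].append(name)
    report["too_many_admins"] = len(report["admins"]) > max_admins
    return report

if __name__ == "__main__":
    result = audit(SAMPLE_EXPORT, today=date(2024, 6, 1))
    for account, apps in result["exposure"].items():
        flag = " (UNUSED)" if account in result["stale"] else ""
        print(f"{account}{flag}: {', '.join(apps)}")
    print("Administrators:", ", ".join(result["admins"]),
          "(over limit)" if result["too_many_admins"] else "")
```

Accounts that appear in both the exposure and unused lists are the first candidates for the "disable or remove unused user accounts" recommendation.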