Secure access to applications with personal information
This Privacy Guide provides technical guidance on how your developers can choose to configure your Sitecore product implementation to support you with data privacy compliance. This guide does not provide exhaustive guidance, and should not be construed or used as legal advice about the content, interpretation, or application of any law or regulation. You, the customer, will always be in the best position to assess your own risks, and must seek your own legal counsel to understand the applicability of any law or regulation to your business, including how you process personal information. Your resulting implementation is based entirely on your own configuration choices.
Ensure that business users with access to back office interfaces such as the Commerce Business Tools or the User Manager on the Content Management role have the appropriate levels of access. Other recommendations include:
- Use security roles to limit access to Sitecore interfaces. You can use default security roles or create your own.
- Disable or remove unused user accounts.
- Limit the number of administrator accounts.
- Configure a strong password policy.
Applications that expose personal information
The following table lists the business user applications that access and display personal information, and the role that is required to access the application:
| Application | Personal information exposed by the application | Role required to access application |
|---|---|---|
| User Manager | User name, user email, and potentially other personal information. | sitecore\Sitecore Client Account Managing |
| Federated authentication | User name, user email, and potentially other personal information. | sitecore\Sitecore Client Account Managing |
| All SPEAK applications | User name. Name is displayed in the SPEAK ribbon. | Any logged-in user |
| List Manager | User email address, user name. | sitecore\List Manager Editors |
| Content Editor | Fields with user name in Created By and Edited By fields. | sitecore\Sitecore Client Authoring |
| Experience Profile | User name, email, location, and other personal information. | sitecore\Analytics Reporting sitecore\EXM Advanced Users sitecore\EXM Users |
| Experience Analytics | Reports by Location, reports by IP, reports by User Agent/Device. | sitecore\Analytics Reporting |
| Email Experience Manager | Accesses recipient lists created by List Manager. | See EXM security roles |
| Marketing automation | User names, email addresses. | sitecore\Marketing Automation Editors Note You can export contacts currently enrolled in a campaign to CSV. The CSV includes personal information such as the contact's name and email address. |
| Commerce Business Tools | Customer name, address, email, order history. | See User roles and permissions for information about Commerce roles |
| Forms | Form submission data. | See The security roles in Sitecore Forms |