Identifying and protecting users' confidential data
This use case describes how a case business analyst can define users' sensitive information as confidential data and configure a support group to access it. Sensitive data includes users' personal information that must be protected to comply with government or company regulations; for example, users’ home address, gender identity, medical information, and salary or compensation-related information.
Scenario
In a large-scale organization, an employee creates an HR case Payroll issue by using BMC Helix Digital Workplace Catalog. The employee adds Cost to Company (CTC) breakup details, which is sensitive personal information and must be protected from unauthorized access. To identify and protect the confidential data, a catalog administrator and a case business analyst must perform the following steps:
- In BMC Helix Digital Workplace Catalog, a catalog administrator must define the CTC breakup details as confidential data.
Employee's CTC breakup details are marked as confidential data in BMC Helix Business Workflows too. - In BMC Helix Business Workflows, a case business analyst must configure a confidential support group, add users from HR and Finance groups to the confidential group, and grant access to the users. This prevents the confidential data from unauthorized access.
Only case agents who belong to the confidential support group can view the employee's CTC breakup details. Case agents can modify the confidential data if they have both read and write access. For case agents who are not a part of the confidential support group, the confidential data is displayed as asterisks.
The following image illustrates how users' confidential data is protected:
Roles involved in this use case
The following roles are involved in this use case:
End user
BMC Helix Digital Workplace Catalog catalog administrator
- BMC Helix Innovation Suite administrator
Case business analyst
Case agent
Benefits
Identifying and protecting confidential data enables a case business analyst to perform the following tasks:
- Classify users' sensitive and personal data as confidential.
Data privacy is maintained when data transfer from BMC Helix Digital Workplace Catalog to BMC Helix Business Workflows occurs. - Manage the confidential data access.
Control who can access the confidential data by granting access only to specific support groups.
Workflow
The following table describes the actions that an administrator, a case business analyst, and a case agent must perform to identify and protect users' confidential data:
Task | Role | Product | Action | Reference |
|---|---|---|---|---|
| 1 | Administrator | BMC Helix Innovation Studio | Configure the confidential support groups in Foundation data so that you can later grant them access to the confidential data. | Designating case data as confidential |
| 2 | Catalog administrator | BMC Helix Digital Workplace Catalog | Define the confidential data in BMC Helix Digital Workplace Catalog cases. | |
| 3 | Case business analyst | BMC Helix Business Workflows | Define the confidential data so that users' sensitive and personal data is classified as confidential. | Designating case data as confidential |
| 4 | Case business analyst | BMC Helix Business Workflows | Grant access to confidential support groups, so that they can access the confidential data. | Designating case data as confidential |
| 5 | Case agent | BMC Helix Business Workflows | Grant access to confidential support groups, so that they can access the confidential data. | Changing user access to cases |
Comments
Log in or register to comment.