Secure Access Help Center

Hide Sources with De-identification

Some regions or organizations require restrictions to hide the sources of users making internet requests. To comply with these restrictions, you can hide source names when generating a report by enabling de-identification for a user. When enabled, a hash unique to that source replaces the source (identity) name.

1156

Note: You cannot enable or disable de-identification on your own account. At least two administrators are required to use this feature and any administrator can turn it on or off for another account.

Table of Contents

Prerequisites

Source Types

The following source types are de-identified:

  • AD usernames
  • computer/hostnames
  • internal IP addresses
  • Chromebook identities
  • mobile identities
  • GSuite users and groups
  • SAML-obtained users and groups
  • internal IP addresses

Enable De-identification

  1. Navigate to Admin > Accounts and click an account name.
    Note: You cannot enable de-identification for your own account.
1171
  1. Under De-identification click Change.
668
  1. Click Confirm.
868

De-identification is enabled and source (identity) names are replaced with a hash.

Disable De-identification

  1. Navigate to Admin > Accounts and click an account name.
    Note: You cannot enable de-identification for your own account.
1171
  1. Under De-identification click Change.
628
  1. Click Confirm.
864

De-identification is disabled and the account can view identity names.

Limitations

Because the purpose of de-identification is to remove the visibility of the identity names for the user, de-identification includes the following limitations:

  • The scheduling and exporting of reports is unavailable.
  • The Application Discovery report is unavailable.
  • You cannot search by an active directory username, roaming computer name, or internal IP name.
    However, you can click the hash name to view the source's (identity) details.
  • There is no access to API key management and creation.
  • There is no access to S3 Log Management (self-managed or Cisco-managed).
  • Full administrators with De-identification enabled will see encoded information in all reports except for the Data Loss Prevention Report.

Delete an Account < Hide Sources with De-identification > Manage Cloud Malware Protection

Updated 5 months ago