Best practices to minimize the processing of Personal Information with LoadMaster 360

LoadMaster 360 leverages a cloud-based solution, providing the insights necessary to ensure that applications perform as expected. However, with the convenience of cloud services comes the additional challenges to safeguard information which may have a proprietary or personal nature.

LoadMaster 360 parses telemetry data to the cloud. Telemetry data is transmitted securely using HTTPs encryption and authentication protocols. LoadMaster 360 parses logs and data and (as a result) proprietary or personal information might be contained within information that is securely sent to the cloud. Here are some recommendations on best practices you can implement on your Real Servers to avoid sending unnecessary personal information to these logs.

Check URLs

When configuring forms, the HTTP protocol supports GET and POST as methods. When GET is used, data entered on a form can be included as part of the URL and this is captured by the LoadMaster logs. It is recommended to use a POST as the preferred method to avoid exposing proprietary or personal information in the URL.

URL configuration

Depending on the configuration of your application, URLs could unintentionally reveal personal information. For example, a URL like mywebportal.com/userfolder/username@email.com might expose personal information. We recommend replacing such details with UUIDs or some other identifier that obscures data that is considered Personally Identifiable Information (PII) or personal information.

These recommendations are intended to mitigate the exposure of PII or personal information/data during log transmission. While implementing these measures significantly reduces the risk of PII or personal information/data exposure, organizations must conduct a comprehensive security and privacy assessment to determine their risk and explore additional methods tailored to their specific requirements.