End of Sale: Screenshot Redaction

NOTE: Screenshot Redaction is currently only available to legacy accounts who have previously had screenshot redaction enabled on the account. We no longer provide screenshot redaction as an add-on option but we encourage new customers to explore the Screen Details add-on for additional insight.

What is Screenshot Redaction?

Screenshot Redaction is an Add-on Feature that sends captured screenshots through an algorithm that redacts sensitive information by category using InfoTypes. An InfoType is a type of sensitive data, such as a name, email address, telephone number, identification number, credit card number, etc. When redacted, this type of information will appear with a black line marked through it, restricting its visibility, and improving sensitive data protection.

An example of a redacted screenshot, where data/time and URL have been obscured.

The Screenshot Redaction feature is customizable and can be enabled for almost any type of sensitive information you’d like hidden when a screenshot is taken. 

To get started with using Screenshot Redaction, navigate to the Screenshot Redaction page within the ActivTrak app by selecting Alarms > Screenshots > Redaction. By selecting the “Edit Settings” button at the top of this page, Administrators can configure selected Global information to be redacted, as well as information specific to the United States.

The Screenshot Redaction page within ActivTrak

Screenshot Redaction Limits

ActivTrak's screenshot redaction add-on includes a monthly limit. When the redaction usage goes over the monthly limit, alarm-triggered screenshots are no longer captured to prevent storing unredacted screenshots.

Redaction usage is driven by the number of screenshots captured as ActivTrak must redact all screenshots taken according to the preferences set by admins. To prevent disruption in the alarm-triggered screenshots feature and to avoid overage costs, admins must prevent taking unnecessary screenshots.

You can find usage statistics within The Screenshot Redaction page that allow you to track how much data processing you’ve used against your account’s monthly storage limit. Read on to learn tips and tricks to stay under your monthly limit. 

What information gets redacted?

There are several types of information that are available for redaction. Below is a list of the information types separated by the regions they are offered in. Screenshot redaction is done by using Google's API and is a great way to protect a company's sensitive information when using ActivTrak. This add-on is available to advanced plan users only. If you are currently an advanced plan customer reach out to customersuccess@activtrak.com to learn more about this feature.

Global- 

• advertising identifier
• advertising identifier
• Age of an individual
• Amazon Web Services credentials
• Authentication token
• Azure JSON Web Token
• Bank IBAN number
• Bank SWIFT routing number
• Common headers containing xsfr
• tokensCredit card number
• Credit card track number
• Date of birth
• Date or time
• Domain name
• Email address
• Encryption key
• Ethnic Group
• Female name
• First name
• Gender
• Generic ID
• Google Cloud Platform API key
• Google Cloud Platform service account credentials
• HTTP basic authentication header
• HTTP cookie and set-cookie headers  
• Human readable time (e.g. 9:54 pm)
• ICD10 description match
• ICD9 description match
• IP address
• JSON Web Token
• Last name
• Local MAC address
• MAC address
• Male name
• Medical term
• Organization name
• Passport number
• Password
• Person name
• Phone IMEI number
• Phone number
• Street address
• Street addresses and landmarks
• Top 100,000 most common weakly hashed passwords
• URL
• Vehicle identification number

The United States- 

• American Bankers CUSIP identifier
• Medical drug names
• USA Adoption Taxpayer Identification Number  
• USA DEA number
• USA drivers license number
• USA Employer Identification Number
• USA healthcare national provider identifier
• USA Individual Taxpayer Identification Number
• USA passport number
• USA Preparer Taxpayer Identification Number
• USA social security number
• USA state name
• USA toll-free phone number
• USA vehicle identification number

Argentina-

• Argentina identity card number

Australia-

• Australia driver's license number
• Australia medicare number
• Australia passport number
• Australia tax file number

Belgium-

• Belgium National Identity card number

Screenshot Redaction Best Practices

Some administrators think they need to take screenshots for each incident or even multiple times per incident to have a record of what happened, however, that is not typically the case. 

Here are (4) best practices we recommend to avoid feature disruption and storage overages by configuring your alarms to only take the screenshots you really need.

Best Practice #1: Better leverage the Alarm and Activity Logs

The Alarm Log and Activity Log provides the traceability you may need when there is an incident, including when the incident happened and the duration of the activity. By leveraging the Alarm Log and the Activity Log, you can reduce the number of screenshots required. Learn more and take action:

• Update your Alarm Log 
• Update your Activity Log 

Best Practice #2: Avoid using screenshots for alarms without conditions

Avoid enabling the screenshot feature for alarms without conditions (e.g. any activity of more than 20 seconds). Learn more and take action:

Best Practice #3: Minimize the use of the multi-screenshot feature

Prevent using the alarm multi-screenshot feature. Instead, take one screenshot per incident and complement the incident analysis using the alarm and activity logs. Learn more and take action:

Best Practice #4: Narrow down conditions for using the multi-screenshot feature

When it's absolutely necessary to take multiple screenshots per incident, define the alarm condition for the alarm in question as narrowly as possible to prevent taking multiple screenshots in common conditions. 

For example, accessing google.com is too general and would likely result in unnecessary screenshots that can risk exceeding your monthly usage limit. Additionally, controlling interval time can help control and limit unnecessary screenshots. We recommend setting a long interval between screenshots, ideally for 60 seconds or more. Learn more and take action:

By adhering to the best practices outlined above, you can implement smarter alarms to capture what you need without going over your monthly screenshot redaction limits. 

NOTE: Screenshots are turned off by default.

ActivTrak employs an add-on image redaction feature to keep sensitive data captured by your account safe from anyone who may have access to your screenshots. ActivTrak will automatically detect and redact more than 40 standard pieces of information found in more than 15 countries.

The video below demonstrates how ActivTrak's screenshot redaction feature fits into compliance and privacy policies:

Learn more:

• ActivTrak's Release Life Cycle and Deprecation Policy
• Contact Support