Difference between revisions of "Elevated Privacy"

From Secure Web Gateway
m (1 revision imported)
Line 64: Line 64:


[[Category:Configuration]]
[[Category:Configuration]]
=== Example ===
'''Rule#1'''
We want to block online tracking for privacy concerns.
Some websites use third party cookies to track us online. Or use referrer to track user activity.
User agent can help other determine browser version, operating system, system architecture.
We want to enhance our privacy protection by:
* Removing third party cookies
* Hiding referrer
* Modifying user-agent
Users will not be able to login to websites which uses third party cookies.
Websites such as stack overflow requires third party cookies when using google SSO
Connections with profile “ENFORCE PARANOID LEVEL PRIVACY CHECK” will be ensure to have paranoid level privacy check.
[[File:Slide1-elevPrivacy.png|left]]
'''Rule#2'''
For applications for which we required third party website to sign in, Elevated privacy must be bypassed.
For connections with profile “BYPASS ELEVATED PRIVACY” privacy check will be not be required.
Connections with "BYPASS ELEVATED PRIVACY" CAN use third party cookies for authentication purposes.
[[File:Slide2-elevPrivacy.png|left]]

Revision as of 15:34, 5 January 2023

Overview

Use Elevated Privacy to protect privacy activity across different websites.

Otherwise third-party cookies will be tracking your activities.

Example : When you are surfing internet by logging into any of your accounts like Hotmail, Yahoo, Gmail, Online Banking…etc. your activities will be tracked by third party and referral domains.

Global

Elevate2-global.jpg

Enabled

Enable or Disable this section

  • TRUE : Enable strict privacy and third party cookies blocking.
  • FALSE : Disable strict privacy and third party cookies blocking.

Elevated policies

Elevated2-policy.jpg

Create the Policies for Elevated Privacy.

ALL The Following Entries will be tested from top to bottom.

Click on Add below, to add a new entry.

Example: After enabling this section and creating a policy, you are unable to logging into websites with third-party account details like, you are unable to login into flipkart or amazon with Facebook or Gmail accounts.

Enabled

Enable or Disable this entry

  • TRUE : Enable this entry
  • FALSE : Disable this entry

Comment

For documentation, and future references, explainthe relevance of this entry with your policies.

Profiles

Specify the Profiles applicable for this entry.

This entry will be applicable only if the connection has any one of the specified profiles.

Leave it Blank, to apply for all connections irrespective of any applied profile.

To avoid application to a connection that has a profile, use negated profile (!profile).

Privacy Levels

Apply 'Privacy Level' as per your requirement.

Caution: If you select 'Paranoid' level privacy, it may cause problems for web servers which give response based on User-Agent.

  • NOT_REQUIRED : Select this if you want to disable ‘Elevated Privacy’.
  • LOW : Select this, if you want to block Third-Party Cookies only.
  • STANDARD : Select this, if you want block Third-Party Cookies and hide the HTTP & HTTPS referer.
  • PARANOID : Select this, if you want block Third-Party Cookies and hide the HTTP & HTTPS referer and also hide different User Agents.
     


Example

Rule#1

We want to block online tracking for privacy concerns. Some websites use third party cookies to track us online. Or use referrer to track user activity. User agent can help other determine browser version, operating system, system architecture. We want to enhance our privacy protection by:

  • Removing third party cookies
  • Hiding referrer
  • Modifying user-agent

Users will not be able to login to websites which uses third party cookies. Websites such as stack overflow requires third party cookies when using google SSO Connections with profile “ENFORCE PARANOID LEVEL PRIVACY CHECK” will be ensure to have paranoid level privacy check.

Slide1-elevPrivacy.png

Rule#2

For applications for which we required third party website to sign in, Elevated privacy must be bypassed. For connections with profile “BYPASS ELEVATED PRIVACY” privacy check will be not be required. Connections with "BYPASS ELEVATED PRIVACY" CAN use third party cookies for authentication purposes.

Slide2-elevPrivacy.png