Setup: Labs
Introduction
This document explains how the SolarWinds Service Desk (SWSD) Labs module works and how administrators can use it to their advantage. With Labs you can allow your IT teams to test new features prior to a general release.
Using Labs, you can get feedback from your user community about the benefits and challenges of each Labs feature. If a feature does not behave as expected, you can toggle it off until the matter is resolved or removed.
Navigation
ITSM customers | ESM customers |
---|---|
Setup > Global Settings > Labs |
Organization > Global Settings > Labs |
How to use Labs
Features in Labs are temporary. You do not need to test each feature. If you feel your organization would benefit from a new feature and/or enhancement, go to Setup > Labs. In the list of available features, toggle the feature to On.
Some features in Labs are interconnected. You may decide to activate more than one feature simultaneously to maximize the benefit of new Labs offerings.
As new features prove successful, they will be permanently integrated into the platform. Likewise, they will be deleted if they are not found to benefit end users.
Features currently in Labs
Automatic mapping of SolarWinds Platform (previously Orion nodes)
SWSD offers many capabilities to help streamline processes. Automatic mapping of SolarWinds Platform nodes combines two features that offer insight.
-
Discovery of SolarWinds Platform assets and bringing them to SolarWinds Service Desk Change Management Database (CMDB).
-
SolarWinds Platform alerts (that meet certain predefined conditions) are automatically converted into Incidents in SWSD.
SWSD supports the automatic mapping of the relevant Configuration Item (CI) to an Incident record created from a SolarWinds Platform alert. For example, if Node 348 goes down, and Node 348 is listed in SWSD as a CI, SolarWinds Platform will generate an alert and automatically attach the Node 348 CI to the Incident during its creation.
For more information, see SolarWinds Platform Integration: Automatic Mapping of SolarWinds Platform nodes.
Data masking
Premier and Advanced plans only. Advanced plans are limited to system fields (title, description, and comments). Premier plans have no limitations.
When you enable data masking, sensitive information is masked so that only users with the proper permissions can see the data.
About data masking
Data masking uses a classification model to hide/redact sensitive data to comply with regulatory and privacy guidelines for PII (personally identifiable information) and PCI (payment card industry). By masking PII and PCI data, SolarWinds Service Desk (SWSD) protects sensitive information from unauthorized access and maintains data privacy. To mask sensitive data beyond PII and PCI, you can use custom fields.
Only authorized users can unmask the data.
Where data masking applies
Data masking is applied across communication channels and to multiple types of fields and file formats.
Communication channels
- MS Teams
- Slack
- Virtual Agent
- Mobile app
Attachment file types
- Plain text file types, including but not limited to:
- Text (.txt)
- CSV (.csv)
- JSON (.json)
- XML (.xml)
- Log files (.log)
-
Other file types, including but not limited to:
- Portable Document Format (PDF)
- Word (.docx)
Outgoing email
Only masked fields and files are sent. To unmask data, email recipients need to go to SWSD.
User input text
All PII/PCI text input by a user is masked. Only authorized users can unmask data.
Custom fields
After the data masking feature is enabled, each custom field you want protected must be configured. When properly configured, SWSD treats all data in the custom field as sensitive. It is protected so that only authorized users can unmask the data.
Data masking for custom fields supports two custom field types: Text and Text Area.
To enable data masking on a specific custom field:
-
Be sure that data masking is enabled for Labs by following the instructions under Enable data masking and set permissions.
-
Navigate to Setup > Service Desk > Custom Fields.
-
Select the specific custom field where you want to enable data masking, and then mark the check box: Mask the data in this custom field.
-
Remember to set role-based permissions as described in Set unmasking permissions for the user roles your company wants to allow to unmask data:
What data is masked
Personally identifiable information (PII) refers to any information that can be used to identify an individual, either on its own or when combined with other information. PII can include, but is not limited to:
- Full name
- Social Security Number (SSN)
- Driver's license number
- Email address
- Home address
- Telephone number
- Date of birth
- Biometric records
- Any other information that is linked or linkable to an individual
Payment card information (PCI) refers to any information related to payment cards (such as credit or debit cards) that can be used to process transactions. PCI typically includes, but is not limited to:
- Primary Account Number (PAN): The full credit or debit card number.
- Cardholder Name: The name printed on the card.
- Expiration Date: The date when the card expires.
- Service Code: A 3- or 4-digit code used to specify restrictions or special conditions on the card.
- Card Verification Value (CVV/CVC): A security feature for credit or debit card transactions, typically a 3- or 4-digit number printed on the card.
Enable data masking and set permissions
-
Navigate to Setup > Labs > Data Masking.
ESM customers: Navigate to Organization > Setup > Labs > Data Masking and switch the toggle to On. -
Select the Data Masking feature you want to enable and switch the toggle to On. Available features are:
- Data Masking - Attachments: Masks sensitive information in supported attachments (.txt, .csv, .json, .xml, .log, .pdf, .docx).
- Data Masking - Inputs: Masks sensitive information (SSNs, cred cards, PII, email addresses, phone numbers) in user inputs, including titles, descriptions, comments, and custom fields.
-
Set unmasking permissions for the user roles your company wants to allow to unmask data:
-
Navigate to Setup > Account > Roles & Permissions.
-
To the right of the role where you want to add the permission, click Add Permission.
-
In the pop-up, select Action: Manage, and then click the dropdown under Subject and scroll to the bottom to select Unmask Data.
-
Apply the permission to the roles that should be allowed to unmask sensitive data.
Any role with Manage > All permission can see sensitive data in attachments and fields. If you want to prevent specific roles from being allowed to unmask data, add a restriction to that role. See Add permissions for more information.
-
-
If you are a Premier customer and want to enable data masking for specific custom fields, follow the instructions: To enable data masking on a specific custom field:
How agents can unmask data
Three options are available for agents to show or hide sensitive data:
- At the field level, hover over the field and click .
- At the object level (incident, service request, problem, etc.), click
Show sensitive data
.
In addition, if the account is set for inline edit (see Inline Edit on records and Inline Edit On Service Catalog Items), clicking displays sensitive data.