NAV GDPR Tools In Action (@NAV 2018 CU4)

NAV GDPR Tools In Action (@NAV 2018 CU4)

Hi Guys,

I have published several posts on the GDPR, we are currently implementing it from several customers, many people still ask me for information on the subject. I have already talked about what to do for the old versions of NAV (which are no longer under maintenance)

But yesterday … the CU4 of NAV 2018 was released (and the other CUs for NAV 2015. 2016, 2017) which includes the TOOLS useful for GDPR. The technical\application modifications have been introduced since CU3, from the CU4 onwards all the necessary tools will be inserted.

PS: Soon my article relational to the GDPR Topic will be published on NAVUG Magazine (article prepared before the CU4 of NAV 2018, therefore generic)

In this post (as promised yesterday in the post on the publication of the CU4 of NAV 2018) i will explain what has been done in CU 4 and how the GDPR tools work.

NAV 2018 CU4 GDPR Tools

If you set this profile you can access to “Data Privacy” menu

PROFILE -> Administration & Security

DATA CLASSIFICATIONS -> Data Classification Worksheet

From this it is possible to classify sensitive data (as described in the GDPR Whitepaper issued by Microsoft), field by field for standard and other custom tables.

It is also possible to set the sensitivity of the data in a massive way, Microsoft has set a standard (base) classification that must be verified and validated.

 

EXAMPLE

Set Data Privacy on Customer Table

SETUP DATA CLASSIFICATION (WIZARD)

It is possible to export and import from Excel, importing from Excel is useful if you have made a map of the data required for processing (sensible and personal date types).

WIZARD IN ACTION!

Choose the right option!

SAVE TO EXCEL

DATA PRIVACY UTILITY

With this button you can execute two functions:

Export data of the subject

Creation of a configuration package (yes, Microsoft has decided to use the old package introduced in NAV 2013 to export import data and manage the cancellation of data…)

Example
Creation of a configuration Package for “Employee” table

SENSIBLE DATA DECTIONFILTEREXPORT

Now you can export sensitive data detected in the system using this Wizard, you can filter what you need.

TYPE OF DATA

  • Sensitive
  • Personal
  • Company Confidential
  • Normal
  • Unclassified

FILTER ON DATA SENSIVITY: “ONLY SENSITIVE DATA” in this case

GENERATE PREVIEW

You can extract data in Preview Mode before exporting it, you can check it before exporting it to Excel

EXPORTING TO EXCEL FUNCTION

After exporting to Excel the system logs what has been done (AUDIT & LOGGING FEATURE)

CREATION OF NEW CONFIGURATION PACKAGE

it is possible to create a new configuration package from this wizard

And.. BINGO!!!

..THIS IS A PACKAGE WITH SENSITIVE DATE

Should I encrypt it? NO, it’s not clear, it’s already in binary code.

DATA PRIVACY ACTIVITY LOG

Each activity is tracked and written in the log (as required by the GDPR)

CHANGE LOG ENTRY

You can activate use the old Change Log Entry to track changes to the data (function existing from the first versions of NAV). Take a look at my old post if you do not use it.

My Post about “Track activities Change” in NAV https://robertostefanettinavblog.com/2015/06/09/nav-2015-tracking-sessions-users-activity-change-log/

 

 

NAV GDPR TOOLS IN ACTION – STEP BY STEP – MANUALE IN ITALIANO

Date le numerose richieste pervenute al blog, ho redatto anche un manuale in italiano.

NAV GDPR Tools In Action – ITA MANUAL

9 thoughts on “NAV GDPR Tools In Action (@NAV 2018 CU4)

  • Pingback:NAV GDPR Tools In Action (@NAV 2018 CU4) | PA

  • 16 April 2018 at 2:36 PM
    Permalink

    Very professional tools. Also Excel Export Buttons in Pages removed. Only the feature “Copy Rows” in List Pages (for example Customer, Vendor, etc…) still exists … Would be a nice feature to have a Page property or System Permission Flag to handle this request, so that the user is not able to export any secure data with Copy & Paste.

    Reply
    • 16 April 2018 at 2:40 PM
      Permalink

      yes, i agree.. i asked for this feature 2 years ago (since NAV 2016) to NAV Team, will be implemented soon ! promised by NAV Team.

      Reply
  • 18 April 2018 at 11:44 AM
    Permalink

    Hi Roberto, thanks for the nice blog! Do you have any information that the GDPR functionality will be extended in future builds of NAV ? I am reading about the copy rows property, but there might be more in the pipeline?

    Reply
  • 18 April 2018 at 1:29 PM
    Permalink

    Hi Roberto, thank you for this blog. Please note that configuration packages are not encrypted. They are zipped xml. Rename the file to .zip.

    Reply
  • 30 April 2018 at 9:49 AM
    Permalink

    Thanks for a detailed blog! It helped me a lot.
    I couldn’t apply the data sensitivity filter to all employees. It allows me to select only one at a time. Is there any way for complete selection? The same goes for other Data Subjects.

    Reply
  • 16 May 2018 at 9:24 AM
    Permalink

    Hi Roberto ,
    Thanks for all the details in the blog. Is there any update for NAV versions 2015 to 2017 as well?

    Reply
  • 17 May 2018 at 5:49 PM
    Permalink

    Hello Roberto,

    thank you for the detailed blog. One remark: To track changes to the data (including deletion of sensitive data), the standard NAV Change Log is not 100% secure, as:
    – Change Log Settings may be changed by NAV users at any time, so the Change Log may not be “always on” for the correct tables and fields
    – Change Log Entries may be deleted by anyone that has access to Object Designer and a NAV Developer License
    I doubt that this meets legal requirements concerning reporting data changes defined by GDPR (DSGVO in Germany).

    Therefore, I highly recommend a tool called “NAVCLARC”.

    This basically does the same thing as standard NAV Change Log, but is in a separate object ID range protected by license settings. So not even a developer with SUPER Permissions and Developer License may even look into code.

    Data and NAVCLARC Change Log Settings are protected by a three-key Access System:
    – Key #1 = for the Customer,
    – Key #2 = for the external Data Security Auditor and
    – Key #3 = an encrypted digital certificate with limited validity Duration (single day or single session) This certificate is released by the tool’s NAV Partner and forwarded only to the external Auditor.

    This NAVCLARC Change Log is “always on” and cannot be shut of or manipulated even if 2 of the 3 parties mentioned above join forces – and the NAV Partner surely will not do so 😉

    If you wish to learn more please feel free to contact me: eric.otten@dynamicsexperts.de

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

six − one =

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Enjoy this blog? Please spread the word :)