Mark field as sensitive

01-06-2021 07:05 AM
Status: Open
Labels (1)
Occasional Contributor

It would be great to set a property on a field in a feature class/table as "sensitive", i.e. the field contains sensitive information.

We have good overview over which fields in each feature class/table contain sensitive information and have routines in place on database/Desktop level. As soon as it comes to published services, it is easy to loose track. Often, a feature class is part of a number of published services and one has to remember to turn off the field in the properties before publishing. We have of course forgotten to turn off certain fields and shared the item with more people in Portal and ArcGIS Online as necessary, leading to data leakage.

It would be much easier to get a warning when publishing the service, informing the user that fields marked as sensitive are visible in the service. Also, post publishing, we could run script, that spits out if the property of a field within a service that is "sensitive". The property would show up in the REST page of the item, see attachment. 

1 Comment

Another benefit of having a "sensitive" flag would be to allow publishing features with sensitive data after warning the publisher, and then having that flag propagate up to the feature service, web map, web apps, etc.

Then ArcGIS Online and ArcGIS Enterprise could check for that flag at all levels when a user tries to share an item that contains an item marked as sensitive. The user would get a warning that they are trying to share sensitive information and be blocked from sharing. A new privilege could be added to ArcGIS Online or ArcGIS Enterprise to allow some users to confirm the warning and share anyway.

Something else that would help would be creating a new icon similar to the Authoritative/Depreciated icons for items. That way there is also a visual aid to help warn users that they are accessing sensitive data.