GDPR (DSGVO) with WinCC OA

Discussion about security topics in WinCC OA!
Search

Post Reply
9 posts • Page 1 of 1
User avatar
innovis
Posts: 8
Joined: Mon Mar 26, 2012 3:01 pm

GDPR (DSGVO) with WinCC OA

Post by innovis » Wed Jul 11, 2018 7:39 am

Has anyone already experience in applying the GDPR to a WinCC OA System (storing and deleting of personal data, logs, archives)? What could be a feasible approach?

User avatar
adaneau
Posts: 188
Joined: Tue Feb 21, 2012 8:49 am

Re: GDPR (DSGVO) with WinCC OA

Post by adaneau » Fri Aug 03, 2018 6:28 am

Hi,

Not sure if GDPR applies to most of us:

https://www.eugdpr.org/gdpr-faqs.html

If really needed, I would first use the new system notification for setting up parameters and printing conditions.

I would also use the login framework to delete user information after logout.

I guess it should be enough...

BR
Alex

User avatar
innovis
Posts: 8
Joined: Mon Mar 26, 2012 3:01 pm

Re: GDPR (DSGVO) with WinCC OA

Post by innovis » Mon Aug 06, 2018 4:21 pm

Hi,

Well, the user id is saved in WinCC OA e.g. with alert acknowledge and there is no known way (or at least I don't know any) to remove it.
So, do we need the explicit consent of the user before login into a system (you don't need to print the conditions, a simple notification would be enough, I think)?
What should we do if the user withdraws the consent (of course, you should provide an easy way of removing it)? Would it be enough to deactivate the user and delete its user name?

Best,
Eva

User avatar
adaneau
Posts: 188
Joined: Tue Feb 21, 2012 8:49 am

Re: GDPR (DSGVO) with WinCC OA

Post by adaneau » Tue Aug 07, 2018 9:21 am

Hi,

id isn't sensitive information without username. If you delete the user at logoff, then id will refers to nothing which I guess is enough.

Gertjan van Schijndel
Posts: 634
Joined: Mon Aug 02, 2010 8:37 am

Re: GDPR (DSGVO) with WinCC OA

Post by Gertjan van Schijndel » Tue Aug 07, 2018 9:32 am

The user id could be indirectly be used to identify a person, so it falls under GDPR. But it depends on if the users use a personal login or multiple users share some common login(s) (for example all operators use the same user).

User avatar
innovis
Posts: 8
Joined: Mon Mar 26, 2012 3:01 pm

Re: GDPR (DSGVO) with WinCC OA

Post by innovis » Tue Aug 07, 2018 10:07 am

This is precisely my point. The customer is also using SSO, so theoretically you can get access to ALL data.

User avatar
adaneau
Posts: 188
Joined: Tue Feb 21, 2012 8:49 am

Re: GDPR (DSGVO) with WinCC OA

Post by adaneau » Wed Aug 08, 2018 1:54 pm

Hi,

If you delete the users at logout, then you break the link between user and id no? As WinCC OA saves ack/setpoint/comments using user id, thus you have no way to know real username of a disconnected user (as it is not existing in system)

Also if all your users are having access to all data, then you should consider using Authorization Check Plug-in to put some restrictions, avoiding to let sensitive data available to any connected user.

BR
Alexandre

User avatar
innovis
Posts: 8
Joined: Mon Mar 26, 2012 3:01 pm

Re: GDPR (DSGVO) with WinCC OA

Post by innovis » Wed Aug 08, 2018 2:25 pm

I think I didn't explain myself clearly. I don't pretend to delete the user name on logout, but just when the user withdraws his consent. You can put "Anonymous" instead of the user name to break the relationship between user name and id (not sure how WinCC OA reacts to an unknown AD user in the table). But I ask myself, if this would be enough or if there are other issues which should be taken into account.

And by "having access to all data" I meant that once you have the user name in an SSO system, you could obtain theoretically access to all data contained in AD relating this user, and that could be a lot. That's why I mean that a WinCC OA application should be concerned about GDPR, specially if it is using SSO.

Gertjan van Schijndel
Posts: 634
Joined: Mon Aug 02, 2010 8:37 am

Re: GDPR (DSGVO) with WinCC OA

Post by Gertjan van Schijndel » Thu Aug 09, 2018 6:53 am

Alexandre Daneau wrote:
If you delete the users at logout, then you break the link between user and id no?

With the default settings the '_Ui_.UserName' is archived and could be used to retrieve the user name (even after another name has been assigned to the user id).

Post Reply
9 posts • Page 1 of 1