Protecting Data Stored in Actions


Actions are commands that an application uses to request data or an action from another application. By themselves, actions have no security implications. However, data is sometimes transferred from one application to another, and this data is logged in a manner similar to context data. To protect this data, take the following precautions:

  • Avoid placing sensitive data in the action data field.
  • If you are not generating action reports, then you should disable logging of actions.

If you are running reports against actions, but the data fields are not needed for those actions, then the data fields should not be logged into the database. You can disable or modify logging of data in the Context Web service by using AddInteraction() and AddApplicationState().

Show: