Data Privacy and Data Masking: Difference between revisions
(Review: oprava syntaxe tučného textu a oddělovačů v tabulce) |
(Review: oprava neexistující šablony Hint na Note) |
||
| Line 50: | Line 50: | ||
* '''Prefix Lookup:''' A number resolution feature that can display names or labels instead of raw phone numbers in the GUI. Note: This is designed for operational convenience (showing customer names or location codes), **not** data privacy masking. | * '''Prefix Lookup:''' A number resolution feature that can display names or labels instead of raw phone numbers in the GUI. Note: This is designed for operational convenience (showing customer names or location codes), **not** data privacy masking. | ||
{{Note|1=Prefix lookup is not a security feature. The underlying phone numbers are still accessible in the database and cannot be restricted by user role.}} | |||
* '''SIP Response Text Masking:''' For masking phone numbers that appear in the <code>lastSIPresponse</code> text field (e.g., <code>"404 Not Found for 123456789"</code>), see [[Sniffer_configuration#cdr_sip_response_number_max_length|cdr_sip_response_number_max_length]] in the sniffer configuration. | * '''SIP Response Text Masking:''' For masking phone numbers that appear in the <code>lastSIPresponse</code> text field (e.g., <code>"404 Not Found for 123456789"</code>), see [[Sniffer_configuration#cdr_sip_response_number_max_length|cdr_sip_response_number_max_length]] in the sniffer configuration. | ||
Revision as of 17:59, 6 January 2026
VoIPmonitor provides options for data privacy and compliance, particularly for IP address anonymization. However, some data masking requirements (such as phone number masking) have inherent limitations due to system design considerations.
IP Address Anonymization
VoIPmonitor includes a robust feature for anonymizing IP addresses at the database storage level. This is useful for privacy compliance (e.g., GDPR) or hiding internal network topology.
For complete configuration details, see Groups: IP Anonymize Rewrite Rules.
Configuration Scope
- Applies only to **new data** processed after saving the configuration
- Existing records in the database are **not** retroactively anonymized
- Anonymized values are stored in the database, affecting CDR views, reports, and API responses
Anonymization Methods
- Replace specific IPs with anonymized values
- Anonymize network prefixes while preserving host addresses (1:1 mapping)
- Full CIDR mask support (0-32) for flexible rewriting rules
Phone Number / DID Masking Limitations
Masking or anonymizing phone numbers (DIDs) in VoIPmonitor has significant limitations due to system architecture and data usage patterns.
Why Phone Number Masking Is Not Supported
Phone numbers (the caller and called fields in CDRs) are fundamental to VoIPmonitor's core functionality:
- CDR Storage: The
cdrtable stores phone numbers as indexed fields used for searching, filtering, and grouping - CDR Filtering: Phone numbers are primary search criteria in the CDR view and reports
- Grouping and Statistics: Call volume analysis, traffic patterns, and cost calculations all rely on full phone numbers
- Trunk Routing Analysis: Call routing decisions and trunk utilization metrics depend on complete number patterns
- Alert Rules: Alert configurations and triggers often match based on phone number patterns
If phone numbers were masked or hashed before storage, these features would not function correctly.
Potential Alternative: Role-Based GUI Display Masking
Role-based masking in the GUI display only is not currently a VoIPmonitor feature.
This would involve showing masked values to users based on their permission level while storing complete numbers in the database. This functionality does not yet exist in the current product.
What IS Possible: Related Features
While phone number masking for privacy compliance is not available, these related features exist:
- Prefix Lookup: A number resolution feature that can display names or labels instead of raw phone numbers in the GUI. Note: This is designed for operational convenience (showing customer names or location codes), **not** data privacy masking.
ℹ️ Note: Prefix lookup is not a security feature. The underlying phone numbers are still accessible in the database and cannot be restricted by user role.
- SIP Response Text Masking: For masking phone numbers that appear in the
lastSIPresponsetext field (e.g.,"404 Not Found for 123456789"), see cdr_sip_response_number_max_length in the sniffer configuration.
Recommendations for Privacy Compliance
If you require phone number masking for privacy compliance (e.g., GDPR, PCI DSS, or local data protection regulations):
1. Database-Trigger Based Masking: Implement database triggers to mask phone numbers during queries or export processes. This preserves full CDR functionality while protecting data in exports.
2. Application-Level Masking: Build an API proxy or reporting layer that retrieves CDR data from VoIPmonitor and applies role-based masking before presenting data to end users.
3. Separate Database Instances: For strict compliance scenarios, consider maintaining a read-only privacy-focused instance of the database with masked data, while using the main VoIPmonitor database for operational analysis.
4. Consult with Support: Contact VoIPmonitor support for guidance on your specific compliance requirements and potential custom solutions.
Comparison Table
| Data Type | Storage-Level Masking | GUI Display Masking | Notes |
|---|---|---|---|
| IP Addresses | ✅ Supported (IP Anonymize) | ✅ Same as storage (stored values are changed) | Affected by anonymization rules in Groups configuration |
| Phone Numbers (DIDs) | ❌ Not available | ❌ Not available | Storage masking prevents CDR filtering/reports; GUI display masking is not implemented |
| SIP Response Text | ✅ Supported (sniffer config) | ✅ Same as storage | Configuration in voipmonitor.conf only
|
AI Summary for RAG
Summary: VoIPmonitor provides built-in IP address anonymization at the database storage level via Groups configuration. Phone number masking (DIDs) is not supported because full phone numbers are required for CDR filtering, grouping, statistics, and alert functionality. Role-based GUI display masking for phone numbers is not currently a feature. Prefix Lookup provides number-to-name mapping for operational convenience but is not a security/privacy feature. For strict privacy compliance requiring phone number masking, consider external solutions like database triggers, application-level masking, or separate masked database instances.
Keywords: privacy, GDPR, data masking, anonymization, IP address anonymization, phone number masking, DID masking, Prefix Lookup, role-based access control, CDR filtering, compliance, IP anonymization rewrite rules
Key Questions:
- Can I anonymize IP addresses in VoIPmonitor for GDPR compliance?
- Does VoIPmonitor support phone number masking for privacy?
- Why is phone number masking not supported in VoIPmonitor?
- What is the difference between Prefix Lookup and phone number masking?
- How can I achieve phone number privacy compliance with VoIPmonitor?
- Can I mask numbers stored in the CDR database?
- Is role-based GUI display masking of phone numbers available?
- What data masking features are available in VoIPmonitor?
- Does IP anonymization apply to existing CDR records retroactively?
- How does phone number masking affect CDR filtering and statistics?