Why is User PII Data Collected?
- Multiple User Interface
- Movere Console
- User PII Collected via the Movere Multiple User Interface
- User PII Collected via the Movere Console
- User PII Collected During an Actual Resource Consumption Scan
Why is User PII Data Collected?
Movere has two separate modules. The first, referred to as the Multiple User Interface is a two-factor authentication gateway through which Movere users enter their tenancy (customer), or tenancies (partner), that they are authorized to access. The second is the Movere research platform through which users access and interact with the data collected via the Movere Console. User PII data is collected in both modules.
For the purposes of GDPR and data privacy, all data collected via the Movere Registration Process and through the Multiple User Interface (MUI) is Movere Controller data and data collected via the Movere Console and its components, including the Inventory and Actual Resource Consumption (ARC) Bots, is considered Movere Processor data.
Multiple User Interface (MUI)
User PII data collected in the Multiple User Interface is used to create each user’s Movere account. The first item is the user’s corporate email address, which serves two purposes. The first is the invitation process. Users can only be invited via a corporate email address, into the Movere platform. The email address used then serves a second purpose, which is the user’s Movere ID. This is pre-populated in the Movere registration page and cannot be changed.
During the registration process, the user is asked to provide the following data points:
- First and Last Name;
- Job Title; and
- City, State, Country and Postal Code.
These data points ARE NOT mandatory; these items are only requested to simplify user administration. For example, it is easier to identify system or database administrators if the job title field is completed accurately versus inserting a value like ‘blank’:
To complete the registration process, users are also asked to provide:
- A Phone Number country code which can be either a land line or mobile device (this is the number the SMS confirmation code will be sent to); and
- The Password they want to use to access
These data points ARE mandatory and failure to provide a valid phone or password that satisfies Movere’s minimum password com- plexity rules will prohibit the user from accessing the Movere platform.
NOTE: Nobody other than the user can specify what their password is, i.e. a user cannot ask a tenant administrator to set their password for them. Tenant administrators can only force the user to reset their password the next time they log in.
The registration page also includes an inline password strength indicator to guide the user’s password creation. Passwords must meet the following complexity requirements:
Only contain standard alpha-numeric characters and common symbols;
- Be at least six characters long;
- Use both upper and lowercase letters;
- Include at least one number; and
- Include at least one special
Movere Console
User PII data collected via the Movere Console comes from several separate sources (refer below). This data is owned by the cus- tomer and customers can use it for any desired purpose, as such NONE of the PII data points collected via the Movere Console are considered mandatory. Therefore, it is important to understand why these data points are collected.
Movere is an automated data integration platform. Data collected from Active Directory is automatically integrated with data collected from sources such SCCM, vCenter and SharePoint. However, Movere is not dependent on any one source of data. For example, devices can still be targeted and scanned without querying Active Directory. Actual Resource Consumption data can be collected from Windows and Linux Servers without querying the hypervisor(s) they reside on, and asset management systems like SCCM, Altiris, LANDesk, LanSweeper and BigFix can be queried without having to scan all Windows devices.
While Movere can be used to collect and process data from each of these sources independently, it is the automated integration of these disparate data sources coupled with the presentation via visualizations with associative dimensions that converts the raw data into actionable information.
While User PII data is collected by the Movere Console for a multitude of reasons, some of the most common uses include the identification of:
- The primary user of each device;
- Stale user accounts;
- Users logging into a domain outside of the domains password reset policy;
- External parties g. contractors, consultants etc. who have been given user accounts that are no longer being used or have never been logged into;
- Users connecting directly to specific SQL databases;
- Office 365 subscriptions assigned to users who have been blocked from signing in;
- Users with products on their primary device which are inconsistent with their job title g. Visual Studio on a Sales Representative’s device;
- Mobile devices actively synchronizing with mailboxes they should not be connecting to;
- Employee versus non-employee accounts based on employee ID or number;
- SharePoint sites that are no longer being used;
- How and when a user last logged into a device;
- The administrator(s) of systems that are no longer in use and could be decommissioned;
- Devices registered to other
Avoiding User PII and the Consequences
Registration and access to Movere requires a valid corporate email address and phone number. Failure to provide these items will prohibit the user from accessing the Movere website. Failure to provide the non-mandatory items including first name, last name, job title etc. may complicate the administration of user account for the customer, but will not prohibit the user from accessing the Movere website.
In the ‘User PII collected via the Movere Console’ section below we have identified the User PII data points Movere gathers from each source i.e. Active Directory, Office 365, SharePoint etc. There is no way to exclude individual data points when collecting data from these sources via the Movere Console. The only way to avoid collecting User PII from a specific source is to not target that source
i.e. do not query Active Directory, do not query Office 365, do not query SharePoint. The consequences from not collecting data from these sources only impacts the customer, which is why they are not mandatory. If they are not collected, then the customer cannot use Movere to research the deployment and use of these products.
User PII Collected via the Movere Multiple User Interface
| Profile | Description |
| First Name | The first name the user entered when completing their Movere registration |
| Last Name | The last name the user entered when completing their Movere registration |
| Job Title | The job title the user entered when completing their Movere registration |
| City | The city the user entered when completing their Movere registration |
| State/Province | The State/Province the user entered when completing their Movere registration |
| Country | The Country the user entered when completing their Movere registration |
| Postal Code | The postal code the user entered when completing their Movere registration |
| The corporate email address the user’s Movere invitation was sent to (cannot be changed) | |
| Phone Number Country Code | The Country code for the phone number the user provides for two-factor authentication |
| Phone Number | The phone number the user provides for two-factor authentication |
User PII Collected via the Movere Console
Active Directory
| User | |
| DN | User’s distinguished name ‘CN=Andrew Ireland,CN=Users,DC=io,DC=priv in Active Directory’ |
| Cn | User’s common name in Active Directory e.g. ‘Andrew Ireland’ |
| sAMAccountName | User’s logon name in Active Directory e.g. ‘aireland’ |
| Name | User’s full name in Active Directory e.g. ‘Andrew Ireland’ |
| Co | If used, specifies the user’s Country e.g. ‘United States’ |
| Sn | User’s last name e.g. ‘Ireland’ |
| givenName | User’s first name e.g. ‘Andrew’ |
| Title | If used, represents the user’s job title e.g. ‘Chief Evangelist’ |
| displayName | The user’s display name in Active Directory e.g. ‘Andrew Ireland’ |
| department | If used, specifies the user’s department e.g. ‘Accounting’ |
| company | If used, represents the user’s company e.g. ‘Unified Logic’ |
| User’s email address e.g. ‘aireland@movere.io’ | |
| employeeID | If used, represents the user’s employee ID |
| employeeNumber | If used, represents the user’s employee number |
| employeeType | If used, represents the user’s employee type e.g. staff, vendor, contractor, consultant etc. |
Exchange Server
| Mailbox | |
| SamAccountName | User’s logon name |
| WindowsEmailAddress | The mailboxes email address |
| Identity | The mailbox identity e.g. io.priv/Users/Andrew Ireland |
Office 365
| Subscriptions | |
| UserID | The user’s ID in Office 365 |
| DisplayName | The user’s display name e.g. Andrew Ireland |
| FirstName | The user’s first name e.g. Andrew |
| LastName | The user’s last name e.g. Ireland |
| UserPrincipalName | The user’s principal name, typically the same as their sign in name |
| Title | The user’s job title |
| Department | If used, specifies the user’s department e.g. Accounting |
| Company | The user’s company |
| City | The user’s city |
| State | The user’s state |
| Country | The user’s country as selected in Office 365 |
| UsageLocation | The user’s country of usage e.g. US |
| SignInName | The email address the user signs into Office 365 with |
| WindowsLiveID | The user’s Windows Live ID |
| MicrosoftOnlineServicesID | The user’s Microsoft Online Services ID |
| Alias | The user’s account alias |
| PrimarySmtpAddress | The user’s primary SMTP email address |
| WindowsEmailAddress | The user’s Windows email address |
| Identity | The user’s identity |
Sharepoint
| User List | |
| tp_SiteID | The SharePoint sites Site ID |
| tp_ID | The SharePoint user’s site specific ID |
| tp_Login | The SharePoint user’s login name |
| tp_Type | The SharePoint user’s connection type |
| tp_Title | The SharePoint user’s display name |
| Members | |
| WebId | The SharePoint sites Web ID |
| UserId | The SharePoint user’s site specific ID |
| SiteId | The SharePoint sites Site ID |
| tp_Login | The SharePoint user’s login name |
| tp_Type | The SharePoint user’s connection type |
| tp_Title | The SharePoint user’s display name |
Device
| Device User | |
| UserName | The name(s) of the users who have connected to the device |
| UserDomain | The domain the user(s) who have connected to the device are a member of |
| ConnectionMethod | The type of connect each user has made to the device e.g. Interactive |
| LogonDateTime | The date/time the connection was made |
| TotalMins | The total number of minutes connected |
| TotalLogons | The total number of logons |
| Geography | |
| City | The name of the city the ISP provider returned for the device |
| Country | The name of the country the ISP provider returned for the device |
| CountryCode | The country code the ISP provider returned for the device |
| Latitude | The latitude the ISP provider returned for the device |
| Longitude | The longitude the ISP provider returned for the device |
System
| IP Address | The IP address for each network card installed in the device |
| RegUser | The user the device is registered to |
| LastUser | The last user of the device before it was last inventoried |
User PII Collected During Movere Actual Resource Consumption Scan
Windows Server
| Events | |
| UserName | The user/service name corresponding to the event |
SQL Server
| Connections | |
| LoginName | The user/service account being used to connect to the SQL database |