How to access Sensitive Data - unmasking Request
You need to go through the following procedure to request access to the sensitive data which are masked. This page describes the steps to unmask the business data which are categorized as sensitive according to the Data Classification Policy.
Security process for unmasking the sensitive data consists of the following steps:
-
Application Architecture Information Form
-
DataMoat Integration
-
Security requirements
-
Security Due Diligence
-
Vulnerability assessment
-
Verification
Procedure
Apply for Unmasking Data
Login to https://open.proyectoarise.com > APP Console > Click Manage under Action > Sensitive Data Privilege > Apply Unmask
- The page is automatically redirected to the Data Registration App.
- It is mandatory to complete the Datamoat security review process for requested APPKEY within 2 weeks after that any request "In Progress" status will be closed by the system and then need to request for the unmask data again from step 1.
Step 1. Fill in your Application Architecture Information Form
Once you are in the DataMoat Console, please fill in and submit the information about your application architecture.
- Please use https and make sure the URL is accessible, otherwise there is a possibility that your application is rejected.
- Please refer to Data Flow Diagram document if you are not sure what to upload
Step 2. Your application is being reviewed (No action required)
The status should now change to Under Review . Miravia will review the application form you have submitted in the previous step.
- We are pleased to receive a large amount of interest! However, please expect a delay in our response although we are trying our best to reach out to you as soon as possible. Should you have questions, please raise a ticket to us from Contact Us .
Step 3. DataMoat Integration
The type of security controls depend on Step 2 review result, however, typically this step consists of :
- Security Requirements (password)
-
Security Due Diligence
Step 3.1. Security Requirements
This is the list of our security requirement.
- Please state how your application is complying with each item by clicking Provide details under Requirement Compliance
Step 3.2. Security Due Diligence
Please fill in the Security Due Diligence information required:
- Please use https and make sure the URL is accessible. We will reject applications with invalid URL.
- Please undertake necessary and effective remediation actions for all the Critical and High risk findings which Miravia notifies you of. You should only submit for step 3.2 again after you have carried out the above.
- We will reject the request with unremediated risks.
Security Due Diligence overview:
- Your application's public domain will be onboarded to Upguard and Miravia will monitor and assess your security posture, track your performance over time and compare you against industry benchmarks.
- If there is any risk identified, this step will be marked as "Not Pass" with feedback provided in the "Problems and fix suggestions" section.
- Risk findings will be informed via an UpGuard email notification which contains a link to UpGuard. Upon clicking the link, you would be directed to the UpGuard site which will display the details of the corresponding risks.
- Login to: https://help.upguard.com/en/articles/4340759-how-to-respond-to-a-remediation-requestPlease read through the risk findings and recommendations. Once all the risks are fixed, please submit this step.
Step 4. Final Verification (No action required)
You will be notified once verification is complete via an email or message center on MiraviaOP console.
Step 5. Complete
The sensitive data is now unmasked.
Any Questions?
Please raise a ticket from Contact Us under Security Review question category.
FAQ
关于此文档暂时还没有FAQ
