Managing EU users under GDPR
European Union (EU) members have additional data protection rights under the General Data Protection Regulation (GDPR) standard. The Ivanti Mobile Threat Defense GDPR profile protects member data from being exposed to integration partners, API developers and administrators.
Before you can assign the GDPR profile to a user, you must enable the feature in
- From the Ivanti EPMM Admin Portal, navigate to Settings > Users & Devices > GDPR profile.
- Click GDPR Profile. The GDPR Profile page displays.
Click Enable GDPR Profiles to be assigned to users. The Default GDPR Profile options display.
By default, all of the fields are selected.
- Click the blue pencil in the upper-right corner to edit the profile defaults.
Disable GDPR for any fields that you do not want to hide by deselecting the check box for the field.
Field options include:
- User ID
- Person Name
- Email address
- Phone Number
- International Mobile Equipment Identity (IMEI)
- Serial Number
- Integrated Circuit Card ID (ICCID)
- International Mobile Subscriber Identity (IMSI)
- Mobile Equipment Identifier (MEID)
When hidden, the serial number and IMEI display as empty fields, the rest as asterisks: *****
Your GDPR profile elections display. In this example, the User ID will display in clear text, but the other fields will be hidden.
Figure 1. GDPR Profile elections
Once the GDPR profile is enabled, you must assign API users to it.
When the GDPR profile is enabled for a user, some functionality and edit rights in the
Figure 2. GDPR reminder banner
- From the Ivanti EPMM Admin Portal, navigate to Devices & Users > Users. The Users page displays.
- Click the pencil icon to the left of the user name to edit the user profile. The Edit User dialog box opens.
Click Enable GDPR to assign a user to the GDPR profile.
Figure 3. enable GDPR checked for GDPR user
The Users page now displays Yes in the GDPR Profile Enabled column for users you have enabled.
Figure 4. Confirm that the GDPR profile has been enabled
Once GDPR has been enabled for an administrator or API user, they will not be able to see device and user information. When they navigate to Devices & Users > Devices, the GDPR fields display as asterisks, or a blank field.
Figure 5. Device and user information after applying GDPR