search cancel

Privacy Configuration in Cloud SWG


Article ID: 253279


Updated On:


Web Security Service - WSS


To address privacy and compliance requirements for various jurisdictions and organizations Cloud SWG has granular controls to suppress Personally Identifiable Information (PII) in web access logs.

These settings can be either global or based on:

  • Source Geographic Location (source country)
  • User Group
  • Hard coded location (like an office)

By default User/Group, Device Info, Client IP and Geolocation are suppressed globally and this is configured during the initial configuration but can be modified at any time.

Administrators can choose to:

  • Log Normally
  • Suppress User/Group and Device Info
  • Suppress User/Group, Device Info, Client IP and Geolocation
  • Do not log at all

These settings will have ramifications for what logs and fields are available in both the portal and log export.

If fields are suppressed, administrators would see ‘Suppressed’ for the Username field for example.


The initial configuration is the second step during the initial configuration wizard. This is where administrators can select the global setting. 

Post initial configuration in order to set granular privacy settings based on geo, group or location:

  1. Browse to Account Configuration > Data Retention & Privacy

  2. The default configuration can be modified here, or specific settings can be added at the bottom of the screen.

  3. To configure a new setting different from the default click Add and choose the setting desired. For example to suppress all logging for the Principality of Liechtenstein: 
    1. Click Add
    2. Select a privacy level of Do not log any data
    3. Select Liechtenstein-Geo from the list
    4. Click Add
    5. Click Save