Venafi Telemetry and Analytics FAQ

Background:

Since version 17.1, Venafi has collected analytics and other telemetry from the Venafi Trust Protection Platform.

Q: What has changed in how and what Venafi collects over the Versions of TPP?

A: The following Table Represents the high level changes:

Version	What Changed
TPP 17.1	Added the option at installation/upgrade to email Venafi the License report and the Usage Statistics Report
TPP 17.3	Emailing of the License Report was no longer optional Venafi enabled the optional collection of user behavior within the Web User Interface (ex: what pages were visited and what screen elements were clicked on) Venafi enabled the optional collection of TPP version, Environment Type organization name, and the TPP roles/permissions of users who logged in
TPP 18.1	The Usage Statistics Report was updated to include the company name and environment type The Usage Statistics Report was updated to include additional details on usage of Advanced Key Protect
TPP 19.2	Venafi Telemetry collection was no longer optional The Usage statistics report is sent to Venafi via TLS instead of SMTP (email) Venafi published a data privacy policy for TPP at: https://docs.venafi.com/Docs/current/TopNav/Content/Public/r-privacy-policy.php  Note: An issue was identified where telemetry collection would cause performance issues in WebAdmin on systems that did not have internet access.  This issues has been fixed in 19.2 and is being included in all future patches for previous releases.

 

Q: What are the advantages of automatically sending the usage data and Licensing report to Venafi?

A: Collecting aggregate statistics helps us to improve software, prioritize work based on features that customers are actively using, and troubleshoot issues. We do not expose any sensitive information received from you. In addition, you will be freed from manual tasks such as license usage upload.

Uploading the data will increase the chances of Venafi Customer Support predicting issues before they have significant impact and proactively reaching out, avoiding deprecation of features that are actively used.

Q:  How does my providing this new Usage Report and web analytics tracking data to Venafi benefit me?

A:  The data that you share with Venafi will directly influence the evolution of the platform in ways that will better serve your organizational needs and will result in benefits such as:  

• New Venafi patch alerts for your specific version of Venafi Trust Protection Platform
• Venafi is able to proactively fix critical bugs and performance problems that are affecting customers without them needing to be reporting through customer support (coming soon)
• Real-time security notifications that allow you to reduce security risk
• Interactive help and training guidance to help you improve use of the Venafi Platform (coming soon)
• New and enhanced features based on behavioral data of users
• Accelerated ROI with recommended Venafi Platform features and use cases
• Increased Venafi Platform knowledge with contextual, guided training alerts
• Increased ability to meaningfully influence development of the Venafi Platform based on aggregated, real life usage analytics

Q: What is the exact data that is being collected and sent?

A:  Usage data can broken down to the following categories:

• License Report (the actual license report generated in the WebAdmin Reports Tree)
• Usage Report (the actual usage report generated in the WebAdmin reports Tree. The full list of information that is being sent is available here. You'll be required to sign in first.)
• User telemetry on how the Web Interfaces are used (ex: what features are most used, what features are users having the most difficult time being successful with, etc)
• Metadata about the TPP Deployment (how old is the installation, what version it is on, the Company Name the deployment is registered to, the type of deployment)
• Metadata about the TPP user (what roles do they have, what is their Aperture menu structure, what browser is used)

You can always review the data that is being sent in the two reports by downloading the report from the Web Administration console.

Q: How secure is the data upload?

A: Starting in 19.2, the usage report is automatically sent over TLS 1.2 to venafi.com.

In older versions of TPP, the the data was being sent as an email attachment to reports@venafi.com.  If you have concerns about the reports being emailed we recommend upgraded to TPP 19.2 or higher

 

Q: Is Internet access from the Trust Protection Platform host to the Venafi site required?

A: No, the telemetry is gathered from the web browser of the users leveraging WebAdmin and Aperture (similar to how Google Analytics runs, if you are familiar with that product) and is sent encrypted over TLS 1.2 to venafi.com from the desktops and laptops of users.

In older versions of TPP, the data was sent via email using the email settings in the reporting module of TPP, but these emails are no longer necessary.

Q: What specific telemetry is gathered about user's behavior in WebAdmin and Aperture?

A: The telemetry feature collects the URL of the page visited, and information about where on a page a user clicks. The telemetry feature does not collect any user-entered text or information within form fields in your application. The names of fields, buttons, and other elements within the page are captured with the application data which makes for easier tracking, but no user-supplied information is included.

Q: What configuration do I need to enable data upload?

A: As of 19.2, no configuration is necessary.

Q: Does Venafi have a Data Privacy Policy?

A: Yes, it is available here. Authentication is required.

Sample Usage Report
More details on the usage report are available.