As with any third-party service, it’s important to understand what data is being sent to Sentry, and where relevant, ensure sensitive data either never reaches the Sentry servers, or at the very least doesn’t get stored.
There are two great examples for data scrubbing that every company should think about:
- PII (Personally Identifiable Information) such as a user's name or email address, which post-GDPR should be on every company's mind. Authentication credentials, like your AWS password or key.
- Confidential IP (Intellectual Property), such as your favorite color, or your upcoming plans for world domination.
Sentry offers three methods to scrub data. The first, which is our recommended method, is to scrub data in your SDK. The second two methods use the Data Scrubber option available for both your Organization and individual Project settings.