Data management

Refer to Privacy Code 2024 in the Global Privacy Hub for more information on how Nexthink complies with applicable data protection standards across its cloud products.

Manage and oversee the lifecycle of your organization's employee data. Define the retention period of inventory and operational data, and comply with the data protection regulations for retrieval and deletion of data.

Accessing the Data Management page

Select Administration from the main menu.
Click on Data Management in the Content Management section of the navigation panel.

Data Management is only visible with Data management administrative permission and requires a none (full access) data privacy setting. Refer to the Roles page for more information.

Managing employee data

Manage employee data and comply with data protection regulations.

Data retention

Configure the data retention timeframe for your organization’s Nexthink instance.

Inventory data retention

Select the retention timeframe for inventory data. This setting applies to all inventory objects except binaries.

After you Save a data retention configuration, the changes apply only to active inventory objects. Inactive objects (those without events after the new configuration is saved) keep their original retention settings and will be removed from the system based on that original configuration.

The last_seen field in the NQL does not account for all the device connections to the Nexthink instance (such as TCP handshakes or remote actions), so it is not a reliable indicator of device retention period. Refer to NQL data model and Monitoring device last activity for more information.

Operational data retention

Select the retention timeframe for operational data. This setting applies to events collected from employee devices, alerts triggered by alert monitors, remote action executions and binaries. Operational data retention must be shorter or equal to inventory data retention.

After you Save a data retention configuration, the system applies the changes to all new events and all active binaries.

Refer to Data we collect and store and Data resolution and retention documentation for more information about data categories and retention periods.

Data retrieval

Retrieve data for any employee monitored by the Nexthink platform for the features and modules listed in the Data drop-down menu. Retrieve all other employee data directly using the Investigations module.

Username: Enter the username of the employee whose data you want to download.
Data: Select the feature or module to download the data from:
- Executions
- Sessions
- Applications
- Collaboration
- Campaigns

Click the Retrieve user data button. The system opens the Investigations page with the results of the NQL query, which you can export to a CSV format.

Data deletion

Nexthink provides a way to delete device and user data.

To delete devices or users from Nexthink cloud, prepare a CSV file containing one of the following:

List of users to delete
List of devices to delete

The CSV file should include only one type of object: either users or devices. To delete multiple object types, generate and upload a separate CSV file for each.

Create CSV file

The CSV files must contain the following columns:

User UIDs and SIDs

Example:

"user.uid","user.sid"
"03c59c0c-7e0e-4fc8-b473-7d4e80ec0eb5","S-1-5-19-xxxxxxxxxx"
"00dbc8e4-593d-42aa-a871-531aceaefc71","S-1-5-20-xxxxxxxxxx"

Device UIDs along with the corresponding device names

Example:

"device.name","device.uid"
"KAN-AMSTERDAM-OWV2DZ","c4b2dfeb-c7c2-403a-9a00-152a95f29d7c"
"KAN-AMSTERDAM-4RSOGR","6e424abd-ab2c-4666-ba03-306848a801fd"

Ensure that the CSV file is correctly formatted. Check for encoding issues, extra characters, header typos, or incorrect IDs. If unsure, generate CSV file using Investigations.

Generate CSV file using Investigations

Nexthink recommends generating the CSV file by retrieving the devices or users from the Investigations module:

Use the links displayed on the page (user or device) to begin with preconfigured queries.
Refine your query by applying the necessary filters to retrieve only the devices or users you want to delete.
Export the investigation results and generate a CSV file.

To generate a non-anonymized CSV in Investigations, your assigned role must have Data Privacy for users and/or devices set to Visible.

Upload CSV file

To upload a CSV file, drag it into the upload area or click Choose File to browse your computer. Once you have generated and uploaded the CSV file, click the Delete button to start the process. It can take up to 30 minutes to delete all data.

Once you start the deletion process, it is irreversible.

If you delete a device without uninstalling the corresponding collector, the device will be registered with a new UID within 12 hours, and Nexthink will start recording data associated with that device again. Any data sent after the deletion and before the new registration will be discarded.

Data anonymization (classic)

Some functionality described in this section is linked with Finder (classic).

Nexthink Finder is a Windows-only desktop application whose functionality is now available within the Nexthink web interface. Nexthink can now be used directly from a browser and most functions no longer require an additional desktop application.

Nexthink provides a way to anonymize data so that it no longer refers to either an employee or a device.

Select from the following options:

User: The system sets all the associated fields to null.
Device: The system sets all the associated fields to null.
Enter the Username or Device name depending on the option you chose in the previous step.

Click the Anonymize user data or Anonymize device data button to start the process.

Once you start the anonymization process, it is irreversible as the system anonymizes the values at the storage level.