Discover Sensitive Data

Create an end-to-end scenario for discovering and classifying sensitive data.

About this task

Discovery and classification processes become important as the size of an organization grows and sensitive information like credit card numbers and personal financial data propagate to multiple locations. This often happens in the context of mergers and acquisitions or when legacy systems have outlasted their original owners. As a result, sensitive data may exist beyond the knowledge of the person who currently owns that data. This is a common yet extremely vulnerable scenario, since you cannot protect sensitive data unless you know it exists.

Sensitive data discovery scenarios span three critical aspects of enterprise security:
  • Discovery: locating the sensitive data that exists anywhere in your environment
  • Protection: monitoring and alerting when sensitive data is accessed
  • Compliance: creating audit trails for reviewing the results of sensitive data discovery processes

The Discover Sensitive Data end-to-end scenario builder streamlines the processes of discovery, protection, and compliance by integrating several Guardium® tools into a single user-friendly interface.

Table 1. Discover sensitive data tools map
Value Scenario Task Description Result
Discover icon Discover Name and Description Provide a name and description for the scenario and its related processes and policies.

Creates a classification process and classification policy.

Optionally creates new datasource definitions.

What to discover Create rules and rule actions for discovering and classifying data.
Where to search Identify datasources to scan.
Run discovery Run the scenario.
Protect icon Protect Review report Review the results and define ad hoc grouping and alerting actions. Creates an access policy.
Audit icon Comply Audit Define recipients, a distribution sequence, and review options. Creates an audit process.
Schedule Create a schedule to run at defined intervals.

This sequence of tasks guides you through the processes of creating a new discovery scenario. This includes creating classification policies consisting of rules and rule actions for discovering sensitive data, creating classification processes by identifying datasources to scan for sensitive data, defining ad hoc policies (for grouping and alerting, for example), and creating audit processes that distribute results to different stakeholders at scheduled intervals.

What to do next

Continue to the next section and begin creating a discovery and classification scenario.