Search for sensitive data
Identify database tables that contain sensitive data and add those tables to groups for monitoring.
Procedure
-
From the Search for sensitive data section, choose one option for
identifying sensitive data.
- The Scan for tables option uses the Guardium classifier to discover
tables containing sensitive objects in your databases. The classifier requires credentials with
adequate database privileges to perform the scan.
- Use check boxes to select databases. Databases that are ready for scanning show a icon in the Ready for classification column. If needed, use the Add credentials link to specify login credentials for scanning a selected database.
- Click Test connection to verify that the supplied credentials are valid for the databases being tested. The connection test does not verify that the supplied credentials have adequate database privileges to perform the classification scan.
- If you already know where the sensitive data is located in your databases, select
Manually define table names to manually define the table names or import a
CSV file containing a list of table names that contain sensitive data.
- Click the Browse button and identify a comma separated value (CSV) file containing sensitive objects.
- Set the Field delimiter value to the separator used in the CSV file. The default value is a comma (,).
- The Column to import menu displays columns from the selected CSV file. Use the menu to select the column containing sensitive object.
- Click the Load button to add the sensitive objects to the Member table. Repeat the previous steps to import multiple columns or multiple CSV files.
- In the Member table, add items by clicking the icon or remove items by selecting items and clicking the icon.
- The Skip for now option allows you top identify the sensitive data in your databases at a later time. However, compliance monitoring policies depend on knowing where to look for sensitive objects, and your compliance monitoring strategy will not be complete until you complete this step. Return to the Search for sensitive data section at any time to complete this configuration.
Attention: When working with custom policies, Skip for now is the only available option. Use the Discover Sensitive Data tool to search for sensitive data on systems monitored with custom policies. - The Scan for tables option uses the Guardium classifier to discover
tables containing sensitive objects in your databases. The classifier requires credentials with
adequate database privileges to perform the scan.
- Click Next to continue through the wizard or click any of the enabled sections to edit its configuration.