Discover Sensitive Data
Create an end-to-end scenario for discovering and classifying sensitive data.
About this task
Discovery and classification processes become important as the size of an organization grows and sensitive information like credit card numbers and personal financial data propagate to multiple locations. This often happens in the context of mergers and acquisitions or when legacy systems have outlasted their original owners. As a result, sensitive data may exist beyond the knowledge of the person who currently owns that data. This is a common yet extremely vulnerable scenario, since you cannot protect sensitive data unless you know it exists.
- Discovery: locating the sensitive data that exists anywhere in your environment
- Protection: monitoring and alerting when sensitive data is accessed
- Compliance: creating audit trails for reviewing the results of sensitive data discovery processes
The Discover Sensitive Data end-to-end scenario builder streamlines the processes of discovery, protection, and compliance by integrating several Guardium® tools into a single user-friendly interface.
|Discover||Name and Description||Provide a name and description for the scenario and its related processes and policies.||
Creates a classification process and classification policy.
Optionally creates new datasource definitions.
|What to discover||Create rules and rule actions for discovering and classifying data.|
|Where to search||Identify datasources to scan.|
|Run discovery||Run the scenario, review the results, and define ad hoc grouping and alerting actions.|
|Protect||Review report||Creates an access policy.|
|Comply||Audit||Define recipients, a distribution sequence, and review options.||Creates an audit process.|
|Schedule||Create a schedule to run at defined intervals.|
This sequence of tasks guides you through the processes of creating a new discovery scenario. This includes creating classification policies consisting of rules and rule actions for discovering sensitive data, creating classification processes by identifying datasources to scan for sensitive data, defining ad hoc policies (for grouping and alerting, for example), and creating audit processes that distribute results to different stakeholders at scheduled intervals.