Classification

Discovery and classification processes become important as the size of an organization grows and sensitive information like credit card numbers and personal financial data become present in multiple locations, often without the knowledge of the current administrators responsible for that data. This frequently happens in the context of mergers and acquisitions, or when legacy systems have outlasted their original owners. Creating workflows for discovering sensitive data allows you to identify sensitive data in your environment and take appropriate actions, such as applying access policies.

Classification processes consist of classification policies that have been associated with one or more datasources. Classification processes can be submitted to be run once or, if login credentials have been stored for all the datasources used in the process, scheduled to run on a periodic basis in a compliance workflow automation process.

Classification policies consist of classification rules and classification rule actions designed to find and tag sensitive data in specified datasources.

Classification rules use regular expressions, Luhn algorithms, and other criteria to define rules for matching content when applying a classification policy.

Classification rule actions specify a set of actions to be taken for each rule in a classification policy. For example, an action might generate an email alert or add an object to a Guardium group. Each time a rule is satisfied, that event is logged, and thus can be reported upon (unless ignore is specified as the action to be taken, in which case there is no logging for that rule).