Sensitive Data Discovery


BizDataX Sensitive Data Discovery module (SDD) helps business and technical stakeholder to search for a specific, sensitive data within a variety of data repositories. More often than not, database owners are not aware where, i.e. in what database fields, a business critical data or sensitive data could be “hiding”.

SDD helps in analyzing data using keywords, regular expressions, format, and numeric data with control digits such as credit cards, national identification numbers or IBANs. SDD rules define where, what and how should sensitive data be searched for. The findings could be fine-tuned by editing or adding new rules.

The SDD process starts with defining SDD rules for selected policy items. You can define an arbitrary number of rules for a selected policy item.

Once the SDD process is executed and the results (findings) are returned, the user has the option to mark particular findings as hit or miss. Hit means that the finding corresponds to the expected policy requirement. When selecting between hit and miss the user can also use the implementation note to describe how the data in the designated field is going to be anonymized. This note will be then used by Test Data Producer role when implementing actual BizDataX workflow.

Figure 9: Managing Sensitive Data Discovery rules

Mark findings as hits or misses, add implementation notes where needed.

hit or missFigure 10: Fine-tune SDD by marking rule results as hits or misses

The final result of a SDD process is the workflow implementation report. It contains information relevant for implementers such as policies and implementation notes for each field from within the selected data sources.

Fworkflow implementation reportigure 11: Get all information relevant for implementers, use workflow implementation report