You are here
Solix EDMS Data Discovery
Auto-discover and secure PII, PCI & PHI data elements
Providing adequate security for confidential and sensitive information residing in enterprise application databases is a major concern for many enterprises. Production databases are carefully secured, and where necessary employees with legitimate access maintain special credentials such as HIPAA certifications or, in some cases, formal security clearances. However, development, QA, and other non-production environments typically do not have the same levels of security, and the application developers, test and support engineers working with those clones and data subsets usually are not required to maintain security credentials. This can create security problems that turn up in security audits required as part of business compliance, or worse, dissemination of personal information.
A common strategy for maintaining security in non-production environments is to mask, scramble, or otherwise replace real sensitive data with randomized bytes that maintain the data formats required by the application.
Before sensitive data can be masked, however, it must be identified. Two challenges make this harder than it may seem at first glance. The first is that sensitive information comes in many forms including but not limited to:
- Social Security numbers and similar national identification numbers
- PINS and passwords
- Date-of-birth and other personal data
- Names and addresses
- Other information covered under privacy regulations in the European Union and other geographies
- Personal health information covered under HIPAA in the United States and similar regulations in other geographies
- High security information such as new product designs or military or law-enforcement data
- Personal financial information covered by various regulations in many countries
The second is the number of applications that may work with confidential and sensitive information running in heterogeneous databases with different structures. Many of these are legacy applications which are difficult to identify the data elements that need to be masked due to limited documentation, lack of standard or obvious naming conventions, and different formats. And the cost of missing something can be high and can include:
- Loss of brand and company reputation in the marketplace
- Legal action by government regulators if the breach violates business regulations
- Loss of customers who move their business to competitors seen as more secure
- Legal actions by employees, customers, or investors injured by the breach
- Stock price decline
- Stockholder law suit over poor stock performance
Solix EDMS Data Discovery which is a component of Solix Enterprise Data Management Suite (Solix EDMS) addresses the key issue of identification of confidential and sensitive information such Personally Identifiable Information (PII), Payment Card Industry (PCI), and Personal Health Information (PHI) data elements before they can be masked.
With simple-to-use process-driven user interaction, Solix EDMS Data Discovery guides users from connecting to heterogeneous databases to identifying sensitive data and taking specific actions of masking the selected data elements.
Solix EDMS Data Discovery comes with pre-built search patterns that can search against metadata or the data for standard PII data elements. It can be further customized to meet enterprise or industry specific requirements.
The built-in data discovery dashboard provides a quick snapshot of discovery configurations that have been run with drill-down information on the identified data elements.
In combination with Solix EDMS Test Data Management, and Solix EDMS Data Masking, Solix EDMS Data Discovery delivers a fully automated data identification, subsetting and masking process in heterogeneous data sources to create secure data subsets. The solution delivers immediate ROI based on storage provisioning and meeting compliance requirements.
- Pre-populated rules and patterns for individual PII and PCI elements
- Support for heterogeneous databases including Oracle, Microsoft SQLServer, Sybase IQ, MySQL, IBM DB2
- Fully integrated with Solix EDMS Data Masking to provide a seamless discovery to masking process
- Actionable process to mask discovered data elements
- Simple-to-use process driven user interaction
- Data Discovery Dashboard
- Searches metadata and/or data
- Facilitates compliance and enables adherence to industry regulatory standards
- Speeds time to discover sensitive and confidential information
- Ensures all confidential information is discovered and then masked