Data Discovery Assessment

  • Do you know where your sensitive data is located?
  • Is this data safe?
  • Is your data classified in different security classes with the appropriate governance around it?
  • Are you sure that there is no dark data in your company that contains privacy sensitive information?
  • If you don’t know the what-where-why of your data, it is impossible to apply the appropriate policies and controls to protect it.
  • What masking rules can be applied to discovered sensitive data?

Data Assessment Framework

Data Discovery Assessment Approach

Access Capabilities

  • Ability to access source systems such as;
    • Relational databases (Oracle, SQL Server, DB2, PostgreSQL etc…)
    • Mainframes (Db2 for z/OS)
    • Big data platforms (Cloudera, Hortonworks, MapR, HDInsights)
    • Flat Files

Discovery Capabilities

  • Predefined data discovery rules for name, surname, citizen number etc. depending on Data and Metadata
  • Column Profiling for gathering statistics such as
    • Value Frequency and Pattern
    • Null and Distinct value ratios
    • Max and Min values
  • Primary Key / Foreign Key and Entity analysis

Classify Capabilities

  • Classify discover results in a predefined policy such as
    • PCI (Payment Card Industry)
    • PHI (Protected Health Information)
    • PII (Personally Identifiable Information)
  • Customize a policy for GDPR or KVKK with discovery results contains personal information data such as first name, phone number and citizen number etc…