Data Discovery Assessment
- Do you know where your sensitive data is located?
- Is this data safe?
- Is your data classified in different security classes with the appropriate governance around it?
- Are you sure that there is no dark data in your company that contains privacy sensitive information?
- If you don’t know the what-where-why of your data, it is impossible to apply the appropriate policies and controls to protect it.
- What masking rules can be applied to discovered sensitive data?
Data Assessment Framework
Data Discovery Assessment Approach
- Ability to access source systems such as;
- Relational databases (Oracle, SQL Server, DB2, PostgreSQL etc…)
- Mainframes (Db2 for z/OS)
- Big data platforms (Cloudera, Hortonworks, MapR, HDInsights)
- Flat Files
- Predefined data discovery rules for name, surname, citizen number etc. depending on Data and Metadata
- Column Profiling for gathering statistics such as
- Value Frequency and Pattern
- Null and Distinct value ratios
- Max and Min values
- Primary Key / Foreign Key and Entity analysis
- Classify discover results in a predefined policy such as
- PCI (Payment Card Industry)
- PHI (Protected Health Information)
- PII (Personally Identifiable Information)
- Customize a policy for GDPR or KVKK with discovery results contains personal information data such as first name, phone number and citizen number etc…