Sensitive Data MapDavid Fernandez
The Sensitive Data Map is the result of the search for sensitive information that we have covered in the last posts. It offers a model of the candidate fields for dissociation and an essential aid for the subsequent configuration. Also, the Sensitive Data Map presents relevant information about the content of the databases.
This post details the last stage of the detection of sensitive information present in the databased to be covered. In the previous article, we showed how and why analyzing the different fields of the databases can be a complex task and, in turn, is specific for each organization. Consequently, we proposed a solution where database field inspector can be configured quickly and simply in order to adapt to the different characteristics detected during the process.
Once the initial configuration of the inspector is completed, the analysis process can be executed periodically in the different environments to obtain newer versions of the Sensitive Data Map. If the format in which data is stored and the naming criteria of the fields do not vary much, the search algorithms will remain valid. In addition, in the previous post we discussed about the periodic execution n of this process, since the databases evolve and change over time according to the needs of the organization that manages them.
When the Map contains valid information is about time to proceed to a greater analysis of it. To meet this objective, some metadata of the model is provided. The map contains the schemas, tables, fields, inspectors, dissociators to apply and the confidence that the analysis carried out on each column. icaria Mirage allows you to view this information in two different ways, either directly in the application, or by exporting it to a file so that you can share it, mark down some notes, etc.
What is this data used for? Well, every single field has a specific purpose, the schema, table, and field indicate where the information is located. The inspectors refer to which agent performed the analysis that resulted in the detection as a candidate, if several have given results, the one with the highest temperature will be taken. The dissociator suggestion, advises which dissociation algorithm should be applied to the information contained. And, finally, the temperature shows the confidence level that the platform has given.
On the other hand, it is also important to remember that the detection of the sensitive information can be one through the field that contains it or by using some other from the same table that gives evidences of its presence. For example, when there is an address in a table it is usually accompanied by the city, providence and/or the postal code in other fields of the table. Therefore, the Sensitive Data Map also lists those fields that give indications of a certain type of sensitive information. Thanks to this, we can indirectly know the possibility of the presence of a table containing sensitive data.
Finally, once a valid version of the Sensitive Data Map is available, the analysis of sensitive data ends. At this point, the next stage of the Dissociation Project begins, that is the configuration of the dissociation algorithms within the previously synchronized metamodel to continue with the dissociation process after it. This task will be detailed in the following articles.