The first version of the dynamic analysis
Enrique Almohalla
Last week we sent the results of our first dynamic analysis attempt to the client team in Excel format. They really appreciated the information. Now they have responded with their feedback report, and these are the results:
Most of the sensitive data has been located, but we still need to tie up some loose ends. Basically, there are some technical issues related to the data storage formats on the legacy systems that complicate the identification process. We need to adapt our tools (the agents, and probably the data masking algorithms) to solve this problem.
Concretely, what we have done is run an automated standard identification mechanism that goes over a representative subset of the whole database, looking for formats or patterns that describe the targeted data. When the process flags something as possibly sensitive data, it records the match so the team can verify it. Unfortunately, the size of the systems and the way the data is stored make this a very tough nut to crack.
Let's look at the concrete problem we had. The client team stores multiple data types in a single field, using a filler to make them fit: they use a field named "Document" where they put both the passport number and the ID number (DNI in Spain) of a customer. Since the ID and the passport don't have the same length, they need to pad the shorter one:
Image. IDs and passports on the same field
What happens is that the filler has altered the format of the data, so it no longer matches a passport pattern. This is a small but real case that hides a big problem: the way the data is stored changes the data itself. Addressing this problem requires a smarter, more adaptable mechanism.
Now we are focusing our efforts on improving adaptability using Icaria Mirage's customization capabilities. We are building some custom identification agents to solve these technical issues in the client's environment. These agents will work together with the general ones to perform a better analysis.
The next step is to run the dynamic analysis again with the improvements included and see what happens. We are eager to check the results!
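The idea behind such a custom agent, as an added example in Python (not Icaria Mirage code and not the client's data): trim filler characters from a stored value before applying the identification patterns, and validate the DNI check letter to reduce false matches. The filler characters, the simplified passport pattern and the sample values are assumptions constructed for illustration.

```python
import re

DNI_LETTERS = "TRWAGMYFPDXBNJZSQVHLCKE"       # DNI check-letter table (number mod 23)
DNI_RE = re.compile(r"\d{8}[A-Z]")
PASSPORT_RE = re.compile(r"[A-Z]{2,3}\d{6}")  # assumed, simplified passport pattern
FILLERS = "0 *#-"                             # assumed filler characters

def is_dni(value):
    """Pattern match plus check-letter validation."""
    if not DNI_RE.fullmatch(value):
        return False
    return DNI_LETTERS[int(value[:8]) % 23] == value[8]

def naive_classify(raw):
    """General agent: the stored value must match a pattern as-is."""
    if is_dni(raw):
        return "DNI"
    if PASSPORT_RE.fullmatch(raw):
        return "PASSPORT"
    return None

def candidates(raw):
    """Yield the raw value first, then variants with filler trimmed from either end.

    Trimming is progressive so a legitimate leading zero in a DNI is not lost:
    the untrimmed value is always tested before any shortened one.
    """
    left = len(raw) - len(raw.lstrip(FILLERS))
    right = len(raw) - len(raw.rstrip(FILLERS))
    for l in range(left + 1):
        for r in range(right + 1):
            if l + r < len(raw):
                yield raw[l:len(raw) - r]

def adaptive_classify(raw):
    """Custom agent: return (kind, recovered_value) or None."""
    for cand in candidates(raw.upper()):
        kind = naive_classify(cand)
        if kind:
            return kind, cand
    return None

# Constructed sample values for a shared "Document" field.
SAMPLE_ROWS = ["12345678Z", "0AB123456", "AB123456*", "00000000T", "12345678A"]

if __name__ == "__main__":
    for row in SAMPLE_ROWS:
        print(repr(row), naive_classify(row), adaptive_classify(row))
```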