The explosion of data in the last decade has been unprecedented. According to Gartner, it’s estimated that 80% of this data explosion can be attributed to the capturing of unstructured data. Experts project that the size of unstructured data will grow at a phenomenal rate of 62% a year. Most enterprises (an estimated 80%) have very little visibility into what’s happening across their unstructured data, let alone how to manage it.
Unstructured data is challenging to manage, as it does not easily lend itself to the more traditional data storage and analysis models. However, suppose you could find a better way to manage this kind of data and understand its content. In that case, unstructured data can be an extremely rich source of relevant information that can add tremendous value to your business, and you can effectively mitigate any data governance risks from regulations such as GDPR, HIPAA, or CCPA.
Unlike this structured world, where information is stored in a pre-defined data model, unstructured data:
- Does not have a pre-defined data model or is not organized in a pre-defined manner
- It comes in many unrelated forms, such as documents, text files, spreadsheets, presentation files, video files, audio files, and pictures, to name some of the more common formats.
- It is typically stored in individual files without an organizational application organizing and managing the relationships between those files.
So how do you mitigate the data governance and security risk associated with massive amounts of unstructured data?
Analytics Driven Data Management
Data security has been paused due to a new change agent in today’s IT world! It is no longer okay to be blind to what information is stored within your infrastructure. Information Technology must identify, tag, manage, secure, audit, quarantine, and move files with PII, HIPAA, CCPA, or GDPR data. Whether the goal is to quarantine, remove, secure, audit, or analyze these sensitive data elements, the IT industry must protect the business from risks it did not know existed until just a few years ago.
Insight AnalytiX delivers discovery, tagging, management, and movement of unstructured data based upon identifying the sensitive data that meets business requirements. Data privacy standards were created in recent years to protect individuals and companies from misappropriation of key data such as:
- PII data – includes address, credit card, and phone number data
- HIPAA data – includes diagnosis, prognosis, and medication data
- GDPR – applies to a consumer-facing organization that captures information such as username, password, and large amounts of personal information
- CCPA – gives consumers more control over the personal information that businesses collect about them
Default Report Templates
Insight AnalytiX 1.4 includes a set of default, system-created report templates that group entities and fields based on specific useful sets of information relevant to customer environments.
The default report templates in Insight AnalytiX 1.4 are as follows:
- Human Resource Data
- Highly Sensitive Identity Data
- Highly Sensitive Health Data
- Special Category Data
- Sensitive Health Data
- Highly Sensitive Financial Data
In addition, you can create your custom report template.
Figure 1: Insight AnalytiX Privacy Risk Classifier
Insight AnalytiX – Privacy Risk Classification
Companies that do not properly handle their unstructured data face enormous financial risk; how can they address this risk while doing more with less?
The Insight AnalytiX application merges the discovery of file metadata with the ability to perform content and context analytics for specific data types, PII, HIPAA, GDPR, or CCPA. Insight AnalytiX discovers sensitive data based upon its templated search technology and allows companies to identify where the data should be stored and how it should be managed to reduce their risk. Some common questions that companies are asking are:
- How much PII data exists in existing open shares in our company?
- Have we experienced a security breach, and were we able to identify what data might have been accessed?
- Are we supporting HIPAA requirements to manage and protect patient data with 10-year retention?
- Can we meet GDPR requirements to manage and protect personal data for 2-year retention?
- Are we prepared to face the complexities of CCPA compliance?
Figure 2: Privacy Risk Classifier Dashboard
Insight AnalytiX is the industry’s first search-based application to identify PII data risk across storage and application.
Differentiating Features of Insight AnalytiX 1.4
Insight AnalytiX provides risk identification and assessment based on the amount and combination of personal information found within a data set. In addition to risk identification, data can be classified to provide context via intelligent tagging, even allowing for auditing against pre-defined corporate standards, mitigating the need for user-dependent controls. Insight AnalytiX is the first step to identifying the potential exposure within a hybrid cloud file storage environment. This latest upgrade is focused on enhancing the product’s Data Protection and Security Functionalities. It will help customers with flexible & scalable PII discovery, deep analytics, and reduced data vulnerability.
Enables remediation of potentially-sensitive data
This version of the product does more than scan and analyze your environment for data that could potentially expose your employees and customers to risk; it allows you to resolve those issues.
Your organization can now mitigate the risk of sensitive data access and misuse through a robust, multi-approver remediation workflow. In this workflow, all necessary stakeholders are assigned tasks to request, approve, and execute different types of Remediation assignments, and all users can easily see the status of each Remediation project as it progresses.
Provides improved logical expression functionality for Data Discovery Reports
This version of Insight AnalytiX allows you to generate a Data Insight report on a dataset using a combination of entities. Report template definitions can now contain multi-level nested logical expressions and a combination of logical operators.
This improves the existing pattern recognition functionality and lets you build advanced expressions, thereby reducing the chances of missing sensitive personal data. These expressions are built using industry-recognized entities and fields supported by Data Dynamics.
Insight AnalytiX 1.4 provides flexible and scalable PII/sensitive data discovery, allowing users to generate a Data Insight report on a dataset by building advanced multi-level logical expressions and a combination of logical operators. PII/sensitive data can be discovered accurately without any misses, backed by deep analytics, both descriptive and diagnostic.
Quarantine your sensitive data to secured and accessible locations
The Remediation workflow in Insight AnalytiX 1.4 uses the migration and replication functionality in StorageX to allow users to quickly and securely migrate sensitive data from their current storage location to a more secure location, such as a share on a file storage resource or an object storage bucket. Sensitive files may be moved from one file share to another and from a file share to an object store location, including NFS- and SMB-based storage technologies. Object storage includes any S3-compliant object store and support for Azure Blob.
Enables blockchain-based file audit trails
In Insight AnalytiX 1.4, Auditing creates an immutable record of changes performed to the attributes of a file. Blockchain technology built into ControlX is implemented to provide a scalable and immutable audit trail. Blockchain technology at the core of ControlX creates a digital chain of custody for files with critical business information by recording every time the file is accessed or modified. Whenever an audited file is modified, the change is added to the blockchain, and you can then view a report of all audited changes for the dataset as a whole or a specific file, as needed.
Allows users to secure sensitive files
In Insight AnalytiX 1.4, the Remediation Analyst may choose to secure files from unnecessary access. This is achieved by excluding public access from the reported sensitive files. Insight AnalytiX 1.4 supports securing files stored on SMB-based storage in a single Microsoft Windows Active Directory domain.
Enables silent installation
Insight AnalytiX 1.4 includes a new silent installer, which allows you to rapidly deploy an Insight AnalytiX environment with an improved installation process without the need to go through multiple configuration windows. The silent installer takes a customizable pair of configuration files and automatically populates your installation, including all Content Processing Engines, Data Science Engines, Orchestration.
Engines, Elasticsearch, and Insight AnalytiX servers.
Improves the installation process
With this release, Insight Analytix 1.4 improves the performance of the installation process, cuts installation time by 70 percent, and simplifies user requirements.
Expands Linux installation support
This version of Insight AnalytiX allows users to install multi-node instances of the product on servers running Red Hat Enterprise Linux 8.4, in addition to the already-supported Red Hat Enterprise Linux versions 7.9, 8.1, and 8.2.
In addition, Insight AnalytiX now supports installation on both Minimal and GUI-based versions of both CentOS and Red Hat Enterprise Linux.
Provides support for Elasticsearch version 7.16.3
Insight AnalytiX 1.4 is upgraded to support Elasticsearch version 7.16.3.
Privacy Risk Classifier Use Cases
- Identify PII or sensitive data, as well as custom datasets
- Reduce Sensitive Data Exposure
- Assess Industry Compliance (GDPR, HIPPA, CCPA)
- Assist in the protection of GDPR governance
- Assess data for PII before moving to the cloud
- Protect sensitive data from unauthorized access and misuse
- Build multi-level logical expressions for accurate Data Discovery Reports
- Quarantine your sensitive data in a secure, easily accessible location
Start transforming your organization today into the Data Custodians of the future with Data Dynamics. Empower your Digital Enterprise with Analytics, Mobility, Security, and Compliance, all from a single platform.