- Platform Release 6.5
- Privacera Platform Installation
- Privacera Platform User Guide
- Privacera Discovery User Guide
- Privacera Encryption Guide
- Privacera Access Management User Guide
- AWS User Guide
- Overview of Privacera on AWS
- Configure policies for AWS services
- Using Athena with data access server
- Using DynamoDB with data access server
- Databricks access manager policy
- Accessing Kinesis with data access server
- Accessing Firehose with Data Access Server
- EMR user guide
- AWS S3 bucket encryption
- Getting started with Minio
- Plugins
- How to Get Support
- Coordinated Vulnerability Disclosure (CVD) Program of Privacera
- Shared Security Model
- Privacera Platform documentation changelog
What is Discovery?
Privacera Discovery helps reveal information about your data and usage.
Privacera Discovery crawls computing assets such as databases or files, which are called data sources. It scans the data sources to identify sensitive information like credit card numbers, Social Security Numbers, and other personal, restricted, or confidential information.
Privacera Discovery classifies or labels this information to create a comprehensive catalog of your sensitive data. You can review these classifications to accept or reject them or refine the scanning via rules, dictionaries, models, and patterns.
The scans use a variety of techniques you can manipulate to identify and classify sensitive information:
Pattern matching with regular expressions.
Dictionaries to look up data from a whitelist or blacklist.
Sophisticated heuristics that look at both the data content and the context in which the data is located, such as the table or column name.
By reviewing and updating the classifications generated by the scanners, you can further implement policies to protect sensitive data in conformance with your enterprise's requirements. For example, you might want a policy that allows non-privileged users to see only the masked or transformed versions of certain sensitive fields such as SSNs or credit card numbers.
By grouping data sources into administrative data zones, maintenance and control of the assets in these zones can be delegated to the owners of the data in your enterprise's organizational groups.
Privacera Discovery has a variety of reports to aggregate, summarize, drill down into the classification results across the entire collection of data assets.
Planning for Privacera Discovery
This is a general approach to setting up Privacera Discovery.
Make sure that Privacera Discovery has been installed and enabled.
Take an inventory of the data assets you want to monitor, including databases and tables and applications, such as Hadoop or Databricks. Be sure to identify the data owners of those assets.
Enable your data sources for scanning in Privacera Discovery.
Optionally, create data zones of those data sources to delegate administration to your organizational groups.
Define scans to classify those data sources, including resource scoring, scanning schedules, which data sources to include, and which to exclude.
Based on the system's classifying tags, refine the scans using the following techniques:
Establish organizational mechanisms to implement a compliance workflow, including the following:
Enhance security by masking or encrypting database table, columns, rows, or other fields. For more information, see the Privacera Encryption Guide.
Install and Enable Privacera Discovery
Use the Privacera Manager to install and enable Privacera Discovery.
See the following information: