Skip to content

Create and Manage Data Zones

Overview of Data Zones

Data Zones in Privacera help organize, secure, and manage data access based on business needs, data sensitivity, and compliance requirements. They enable organisations to efficiently enforce compliance rules across various connectors.

Creating a Data Zone

Follow below steps to create Data Zones and configure policy for encrypting sensitive information across various connector resources.

  1. Log in to the Privacera portal for Self-managed installations. For PrivaceraCloud DataPlane deployments, log in to the Privacera Discovery Admin Console.
  2. Navigate to Compliance > Data Zones.
  3. Click on the "More" icon and select Add Data Zone.
  4. Update details in the required fields.
  5. Click Save.

Creating a Policy

Follow below steps to configure policy for different connectors, mapping multiple tags and schemas to encrypt sensitive information.

  1. Select a Data Zone under Compliance > Data Zones.
  2. Under the selected Data Zone, click on the POLICIES tab.
  3. Click the ADD POLICY button.
  4. Enter the required field values based on the policy selection.
  5. Click Save.

Adding Resources to a Data Zone

Follow below steps to add resource for various connectors, on which the policy will be applied.

  1. Select a Data Zone under Compliance > Data Zones.
  2. Click on the RESOURCES tab.
  3. Click the ADD RESOURCE button.

  4. Select the application and add the RESOURCE according to the application type.

    Tip

    For guidance on adding a resource to a Data Zone, refer to Adding a Resource to Data Zone.

  5. Click Save.

Re-evaluating a Data Zone

Policies applied to added resources can be enforced either by running scans or by re-evaluating the data zone.

  1. Select a Data Zone under Compliance > Data Zones.
  2. Click on the RESOURCES tab.
  3. Click the ADD RESOURCE button and add the RESOURCE according to the application type.
  4. Click the Re-evaluate checkbox next to the resource you wish to re-evaluate.
  5. Wait for approximately 60 seconds for the policy to be applied to the resource.

Creating Encryption & Masking Schemes

Follow below steps to create system schemes or configure schemes manually.

  1. Log in to the Privacera portal for Self-managed installations. For PrivaceraCloud DataPlane deployments, log in to the PrivaceraCloud portal.

    Note

    If the Encryption & Masking module is not displayed in the left navigation bar of PrivaceraCloud, follow these steps steps to enable it .

  2. Navigate to Encryption & Masking > Schemes.

  3. Select the ENCRYPTION tab.
  4. Click GENERATE SYSTEM SCHEMES.
  5. Confirm by clicking YES in the confirmation pop-up.

Creating a Ranger Service User

Note

This step is a prerequisite for running discovery compliance encryption policies.

  1. Log in to the Privacera portal for Self-managed installations.
  2. Navigate to Settings > User Management.
  3. Select the PORTAL USERS tab.
  4. Edit the privacera_service_discovery user by clicking the pencil icon.
  5. Save the privacera_service_discovery user details with default values.
  6. Ensure the privacera_service_discovery user appears under Access Management > Users / Groups / Roles.
  1. Log in to the PrivaceraCloud portal.
  2. Follow the steps outlined in Create Ranger Service User for Discovery Compliance Policies.

Grant Scheme Policy Access to Ranger Service User

Note

This step is a prerequisite for running discovery compliance encryption policies.

  1. Log in to the Privacera portal for Self-managed installations.
  2. Go to Access Management > Scheme Policies.
  3. Click on the privacera_peg service.
  4. Locate the all - encryption-scheme, presentation-scheme policy and Click the edit icon to edit it.
  5. Under Allow Conditions , add privacera_service_discovery user in the Select User field which has user permissions: Protect, Unprotect, Get Scheme, Impersonate
  6. Click Save.

Comments