Informatica solution to discover and rank sensitive data

A smart CSO knows that building a perimeter tough enough to keep attackers out is impossible, so a good defence is built around knowing where the organization’s sensitive data is.

That’s not always as easy, as lines of business have ways of squirreling away things. On Thursday California-based Informatica Inc. will release a new solution it believes will help organizations find and categorize the risk of structured data to help make better security plans.

Called Secure@Source, the company says the software is better than traditional data discovery tools which index one database at a time. Secure@Source can scan an entire infrastructure, then populate a dashboard to give CISOs, CEOs, privacy managers and lines of business a score of what is and isn’t protected. With that they can decided what security weapons — cyber insurance, data masking, staff education etc. — to deploy against which asset.

“It gives the ability to gain sensitive data intelligence so you can add data protection and take all the controls you use and assess if they are deployed appropriately,” Robert Shields, Informatica’s head of product marketing for data security solutions, said in an interview.

The software can index sensitive data by geography, business unit, movement within the enterprise as well as by category (for example, credit card, personal information, health), all of which can be displayed on a dashboard. Across the top of the dashboard graphics can show the organization’s overall risk score, the percent of unprotected sensitive data and the amount of restricted data. A map can show the general location of sensitive data by geography. Also displayed could be top company or department databases by risk score. Each of these can be drilled down by users.

The suite also includes policy-based alerting. Informatica says policies are easily defined and implemented to identify high-risk conditions, which can trigger alerts for actions such as when sensitive data leaves a country, when sensitive data is found in unauthorized locations, when regulatory data is not sufficiently protected, and when risk levels reach critical thresholds.

For now Secure@Source runs only on Red Hat Linux and needs a customer-supplied database (it supports Microsoft’s SQL Server) as a repository. Shields said a “moderately-powered server will suffice for most organizations.” Pricing is based on the number of structured databases scanned and/or the number of mainframe connections. It isn’t inexpensive: Shields estimated that a base package would cost a “couple hundred thousand” dollars.

It could take some time to scan an entire large enterprise’s databases, but most of the discovery is automated. Gary Patterson, an Informatica product manager, said one beta customer with a large SAP installation that included 90,000 tables took only “several hours” to scan. However, he also acknowledged that customers with Informatica’s PowerCenter data integration platform will see faster results than others.

There are some ways to shorten scanning time. An administrator can configure the setup up to scan for specific type of data (credit card, for example).  Shields said Informatica recommends customers start by scanning priority databases. Secure@Source can also be configured to scan a statistically representative sample of an entire database to calculate results.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now