Overview
Sensitive data is defined as any information that is private and must be protected from unauthorized access. Protection of sensitive data is required for legal reasons, for issues pertaining to personal privacy, or for information that is protected by the company policy.
inSync provides a few default predefined sensitive data and the ability to create custom sensitive data to address your organization's intellectual property information. The predefined sensitive data cannot be edited or deleted; however, you can modify or delete custom sensitive data.
You can use a predefined sensitive data or create custom sensitive data. You can also check also test out the sensitive data.
For example, you can create custom sensitive data for Intellectual Property (IP) information. This can include types of research data (such as research data that is personally identifiable or proprietary), patent information, copyrights and trademarks, information concerning third-party agents and partners, product designs, system access passwords, and so on.
π Note
β You cannot delete or edit sensitive data that is associated to a policy template.
Predefined sensitive data can be for a specific geographical region and a specific template or independent of region and template. The following table contains the details of all predefined sensitive data.
Region | Template | Available sensitive data |
Global | Financial data |
|
Global | Personally Identifiable Information (PII) |
|
USA | Document Classification | Confidential Document Markers |
USA | Personally Identifiable Information (PII) |
|
USA | HIPAA |
|
USA | Personal Health Information (PHI) | PHI related terms |
USA | California Consumer Privacy Act (CCPA) |
|
UK | Document Classification | Confidential Document Markers |
UK | UK National Health Service | Community Health Index |
UK | Personally Identifiable Information (PII) |
|
Germany | Document Classification | Confidential Document Markers |
Germany | Personally Identifiable Information (PII) | Social Insurance numbers |
South Africa | Document Classification | Confidential Document Markers |
Japan | Document Classification | Confidential Document Markers |
Japan | Personally Identifiable Information (PII) | MyNumber with qualifying terms |
Global | Not Applicable | Credit/Debit card number |
Click here to view the list of sensitive data that are not mapped to any specific template or geographic region.
Create custom sensitive data
In addition to predefined sensitive data, you can create custom sensitive data to address your organization's intellectual property policies or any other requirements.
To create sensitive data:
Click the global navigation icon to access the Global Navigation Panel and select Sensitive Data Governance. The Sensitive Data Governance overview page is displayed.
On the Sensitive Data Governance page , click Configure > Sensitive Data. The Sensitive Data page opens. This page lists all the predefined and custom-sensitive data types.
Click New Sensitive Data. The New Sensitive Data page appears.
Under the General section, enter the following information:
Name: Type the name for the sensitive data. This is a mandatory field.
Description: Type the description for the sensitive data. This is an optional field.
Category: Select the category that best matches the sensitive data. This is a mandatory field.
Region: Select the primary region for the sensitive data. This is a mandatory field.
Under the Sensitive Data Definition section, you can define sensitive data using the following methods:β
Keyword: Select Keywords and in the Keywords field and type the keywords that you want inSync to search in the files. Keywords are not case-sensitive. Multiple keywords must be comma-separated. You can define how you want inSync to search for the keywords. In the Matching Criteria option, select one of the following:
Match at least one keyword in document: Select if you want inSync to flag a violation if any of the defined keywords match with any word in the document.
Match all keywords in document: Select if you want inSync to flag a violation if all of the defined keywords match with any word in the document.
Regular Expression: Select Regular Expression and enter the regular expression in the Regular Expression field. In inSync, you can use regular expressions to define complex search patterns that match the criteria of the keywords that you want inSync to find and flag a violation. For regular expressions, inSync has global flag enabled.
(OPTIONAL) In the Test Data field, enter any text that you want to scan for violations associated with this sensitive data, and click Test Now. inSync highlights the violated and whitelisted keywords and also displays the count of each.
Click Save.
A custom sensitive data is created and is displayed on the Sensitive Data page.
Test sensitive data
You can validate any predefined or custom sensitive data to verify if it's working as expected. For validation, you can use any sample text that inSync must report violations for, that sensitive data. During the check, inSync highlights the violated and whitelisted keywords and also displays the count of each.
β Important
To test sensitive data, you can enter a maximum of 500 characters.
When scanning for violations, inSync always matches the shortest keyword in the content even if the same string is a part of a longer keyword.
The following options are available to test sensitive data:
While creating custom sensitive data: When you create a custom sensitive data, you can use the Test Data field to check the defined sensitive data. Enter any information that you want to scan for violations associated with this sensitive data, and click Test Now. inSync will display the count of violations and the count of whitelisted keywords in the content.
Testing created custom sensitive data: Click the name of the custom sensitive data that you want to test and then click Test Sensitive Data. Enter the information that you want to scan for violations and click Test Now. inSync displays the count of violations and the count of whitelisted keywords in the content as per the matching criteria defined in the sensitive data.
While editing custom sensitive data: If you have made modifications to any custom sensitive data, you can validate if inSync is reporting the desired violations. After saving your changes, click Test Sensitive Data to validate the changes that you have made. If you want to validate keywords or regular expressions, use the Test Data field while modifying the sensitive data.
Checking predefined sensitive data:
Navigate to Data Governance > Sensitive Data Governance.
On the left pane, click Configure > Sensitive Data.
Click the sensitive data that you want to test.
Click Test Sensitive Data.
In the Test Data field, enter the text that you want inSync to check and click Test Now. inSync displays the count of violations and the count of whitelisted keywords in the content.
View the list of available sensitive data
You can view all the available sensitive data, which includes both predefined and custom data.
To view the list of sensitive data:
Click the global navigation icon to access the Global Navigation Panel and select Sensitive Data Governance. The Sensitive Data Governance overview page is displayed.
On the Sensitive Data Governance page , click Configure > Sensitive Data. The Sensitive Data page opens. This page lists all the predefined and custom sensitive data types.
To view the sensitive data per the geographic region, click the Filters icon and select the region from the list.
Modify sensitive data
As a cloud administrator, you can modify custom sensitive data. However, you cannot modify any of the predefined sensitive data types.
To modify sensitive data:
Click the global navigation icon to access the Global Navigation Panel and select Sensitive Data Governance. The Sensitive Data Governance overview page is displayed.
On the Sensitive Data Governance page , click Configure > Sensitive Data. The Sensitive Data page opens. This page lists all the predefined and custom sensitive data types.
Click the required custom sensitive data. The details of that sensitive data are displayed.
To modify the general details of the sensitive data, click Edit in the General section.
Make the required changes and click Save.
To modify the sensitive data matching criteria, click Edit in the Sensitive Data Definition section.
Add or remove keywords, change the matching criteria, edit the regular expression, and click Save.
The updated details on the details page of that sensitive data. inSync runs a global query and checks for compliance violations after you edit a sensitive data that is associated with a policy template.
Delete a sensitive data
As a cloud administrator, you can delete a custom sensitive data. However, you cannot delete the predefined sensitive data that is shipped along with inSync.
πNote
βYou cannot delete a custom sensitive data, if it is associated with one or more policy templates.
To delete sensitive data
Click the global navigation icon to access the Global Navigation Panel and select Sensitive Data Governance. The Sensitive Data Governance overview page is displayed.
On the Sensitive Data Governance page , click Configure > Sensitive Data. The Sensitive Data page opens. This page lists all the predefined and custom sensitive data types.
Click the required custom sensitive data. The details of that sensitive data are displayed.
Click Delete.
On the confirmation message that appears, click Yes.
The custom-sensitive data is deleted.
Unmapped predefined sensitive data types
The is a list of data types that are not mapped to any geographical region or compliance template:
Postal addresses
Contact details - mixed
Bank account details with personally identifiable information
Credit or debit card numbers near personally identifiable information
Combination of PII
Social Security Numbers - with a phrase
Telephone numbers
Medical patient forms
Social Security Numbers - weak format
Ethnicity terms
Curriculum Vitae
Person identification numbers
Social Security Numbers - strict format
Person or banking identifiers near contact details
Bank account details
Contact details - sets
Contact details
Postal boxes
Bank account numbers
Personal sensitive data
Postal addresses
Email addresses
Date of birth with qualifying terms
Contact details