SQL Server
Oracle
MySQL
PostgreSQL
Amazon Redshift
Azure SQL Database
DBT
Google Big Query
IBM DB2
MariaDB
SAP HANA
Snowflake
SQLite
Teradata
Vertica
Sensitive data discovery tools for SQL Server
List of sensitive data discovery tools
In recent years many international organizations, countries, states etc. have introduced strict regulations regarding sensitive data storing and processing (GDPR in EU, CCPA in California state or PDBP in India just to name a few) to ensure that companies and organizations handle personal information correctly. This should motivate organizations to revise their data protection policies and identify all private data they collect and process. Invaluable help with this tedious task are sensitive data discovery tools.
Immuta
Immuta automatically scans cloud data sources, detects sensitive data, and generates standard tagging across multiple compute platforms so you can eliminate manual, error-prone processes and get universal data access control and visibility into sensitive data. After registering data sources with Immuta, data teams can automatically classify and tag direct, indirect, and sensitive identifiers.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Windows |
| Structured Data: |
|
| Ustructured Data: |
|
IBM Security Guardium Data Protection
IBM Security Guardium Data Protection supports a zero-trust approach to security. It discovers and classifies sensitive data from across the enterprise, providing real-time data activity monitoring and advanced user behavior analytics to help discover unusual activity around sensitive data. It uncovers regulated data in your data stores and uses pre-built templates for regulations such as PCI DSS, SOX, HIPAA, GDPR, CCPA, and many more, to streamline and automate compliance workflows.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | CSV,PDF |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Linux,Windows |
| Structured Data: |
|
| Ustructured Data: |
|
Informatica Data Privacy Management
Informatica Data Privacy Management helps you discover, classify, analyze, protect, and monitor personal and sensitive data across your organization. In addition, it also lets you assess risk and monitor suspicious access to automate protection, transparency, and response.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | MS Excel,XML |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Kogni
Kogni discovers, secures, and monitors sensitive data in enterprise data sources. It discovers sensitive data in all types of file formats including unstructured text files and images for comprehensive enterprise data security. Kogni’s approach to data security reduces the impact of a data breach, helping enterprises comply with regulations, and also enables data governance initiatives by monitoring for policy violations.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Lepide Data Security Platform
Lepide Data Security Platform automatically scans, discovers, and classifies data at the point of creation to help you stay on top of where your sensitive data is located. You can implement hundreds of pre-defined criteria sets to locate sensitive data across your unstructured data stores and map to compliance mandates.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Windows |
| Structured Data: |
|
| Ustructured Data: |
|
Lumada Data Catalog
Lumada Data Catalog accelerates data discovery and metadata tagging to secure sensitive data, infer hidden relationships, and accelerate data self-service and insights.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
ManageEngine DataSecurity Plus
ManageEngine DataSecurity Plus lets you find, classify, analyze, and track sensitive personal data, such as PII/ePHI, stored in file servers and SQL databases. Other key features include file access auditing, ROT analyzer, permissions analyzer, storage analyzer, and many more.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Mac OS,Windows |
| Structured Data: |
|
| Ustructured Data: |
|
McAfee DLP Discover
McAfee Data Loss Prevention (DLP) Discover lets you locate, classify, and protect your sensitive data both on-premises and in the cloud. Unified policy creation, reporting, and management give you better visibility and control over your most vital data. In addition, you can easily review and repair violations and prevent sensitive data from being proliferated outside of your environment.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | CSV |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Windows |
| Structured Data: |
|
| Ustructured Data: |
|
MENTIS
MENTIS leverages the power of Artificial Intelligence and Natural Language Processing to uncover sensitive data in the most complex of locations, be it structured, unstructured, Big Data, or on the Cloud. It ensures efficient identification of sensitive data with minimal false positives with a patented approach to data discovery.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Windows |
| Structured Data: |
|
| Ustructured Data: |
|
Microsoft Information Protection and Governance
Information Protection and Governance in Microsoft 365 lets you accurately identify sensitive information across your enterprise with comprehensive classification capabilities, including machine learning. In addition, you can protect your sensitive data throughout its lifecycle by applying sensitivity labels linked to protection actions like encryption, access restrictions, visual markings, and more.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
PII Tools
PII Tools empowers you to scan your inventory and reveal any personal or sensitive data and analyze discovered data based on its severity, content, and context. In addition, you can report, delete, or quarantine suspect personal information and keep up with regulations with scheduled scans.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
SailPoint File Access Manager
SailPoint File Access Manager provides the visibility and control you need to confidently protect your organization’s most important data assets. You get a complete view of where your data lives and what sensitive information it contains. In addition, you can track potentially malicious activity and monitor access policy violations.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Satori
Satori is a data access service to monitor, classify, and control access to sensitive data such as PII, PHI, and PCI. Within seconds of implementation, Satori provides real-time visibility for all data access including user, query, and data classification context.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Seeker
Seeker is data loss prevention (DLP) software designed to offer sensitive data detection capabilities. In addition to detecting the most common forms of sensitive data such as social security numbers and credit cards, Seeker can also flag files within scan results having file system permissions that might be of concern
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Mac OS,Windows |
| Structured Data: |
|
| Ustructured Data: |
|
Solix Common Data Platform (CDP)
Solix Common Data Platform (CDP) provides data officers with a single pane of glass view into the complete enterprise data landscape (both production & non-production). Data officers can quickly discover and report on - industry-standard sensitive information such as PII, PCI, PHI using out-of-the-box algorithms and confidential information that is unique to their organization using custom algorithms.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Discovering sensitive data can be done manually, simply by looking into each data source and identifying those with personal information inside. This solution, however, is very time-consuming and prone to mistakes. Much better is to use one of sensitive data discovery tools which does all that work automatically. Many of these solutions can work not only with structured, but also with semi-structured and unstructured data. Furthermore, some of them offer periodic synchronization with data sources, to automatically classify newly added information.
Why sensitive data classification is important? First and foremost, it is sign of care for clients and employees. No privacy data should leak, nor it should be seen by unauthorized people. Each organization should store only this information that are necessary for its’ functioning and collect them only with explicit consent (both are currently enforced by law). Not following rules can have severe consequences such as:
• Financial fines – London based pharmacy Doorstep Dispensaree Ltd was fined £275,000 for leaving medical files unprotected,
• Clients’ loss – PCI Pal conveyed a survey in which 83% of US customers claimed, they would stop spending with a business for several months in the immediate aftermath of a security breach,
• Legal prosecution – according to the Data Protection Act 2018 in UK, employee can face prosecution for data protection breaches,
• Loss of reputation – today’s more aware of cybersecurity customers may refuse to trust a company which violated data privacy rules.
Sensitive data discovery software is only part of personal information protection policy, although very important part. It is helpful especially when an organization uses many different data sources (files, databases, personal archives) or data regarding several countries, where identifying e.g., ID numbers may get complicated. However even small companies with clients from one region should be aware of private data in their systems, hence it is advised to frequently use one of listed sensitive data discovery software by organizations of any size.