Sensitive data discovery tools

List of sensitive data discovery tools

In recent years many international organizations, countries, states etc. have introduced strict regulations regarding sensitive data storing and processing (GDPR in EU, CCPA in California state or PDBP in India just to name a few) to ensure that companies and organizations handle personal information correctly. This should motivate organizations to revise their data protection policies and identify all private data they collect and process. Invaluable help with this tedious task are sensitive data discovery tools.

Dathena

Dathena is an AI-driven sensitive data discovery and protection platform. It lets you identify and link personally identifiable information across documents – at scale – to ensure it remains private and in compliance with GDPR, CCPA, PDPA, LGDP, and HIPAA. It discovers where your data is located, who owns or modifies it, and who has access

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: No
Export: -
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): -
Structured Data: Yes
Ustructured Data: Yes

DocAuthority

DocAuthority automates the discovery, ingestion, and cataloging of files and documents, which enables clear line of sight to sensitive files and documents that are not adequately safeguarded, effective and efficient identification of regulated or commercially sensitive data, identification of redundant, obsolete, and trivial data enabling substantial storage savings quickly and easily.

Data Activity Monitoring: No
Data Classification: Yes
Encryption, blocking, masking and quarantining: No
Export: -
GDPR: Yes
PHI (Protected Helath Information): No
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): -
Structured Data: No
Ustructured Data: Yes

Egnyte

Egynte provides one unified platform to manage, secure, and govern your most valuable data type (content) across any cloud, any device, anywhere. It empowers you to locate valuable and sensitive data buried in the company content, control risks and automate compliance, protect your business from internal and external security threats, etc.

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: Yes
Export: -
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): Mac OS,Windows
Structured Data: Yes
Ustructured Data: Yes

Enterprise Recon

Enterprise Recon is a smart data discovery solution by Ground Labs that enables organizations to find and remediate personally identifiable information (PII) and sensitive information across the broadest range of structured and unstructured data -whether it’s stored across servers, on desktops, email, and databases, on-prem and in the cloud.

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: Yes
Export: CSV,HTML,PDF,XML
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): -
Structured Data: Yes
Ustructured Data: Yes

Fasoo

Fasoo Data Radar product is a data governance solution to discover and classify sensitive unstructured data based on its association with people and other characteristics, showing the data’s security vulnerability and dynamically applying security policies on a continuous basis. On the other hand, Fasoo Enterprise DRM product provides the most advanced file-based security solution that allows organizations to protect, control, and track sensitive documents to meet the internal and regulatory security requirements during all stages in the document lifecycle.

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: Yes
Export: -
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): Mac OS,Windows
Structured Data: No
Ustructured Data: Yes

FileAuditor

FileAuditor is a DCAP solution (data-centric audit and protection) for automated file system audit, search for access violations, and monitoring changes in critical data. It lets you obtain total visibility and keep track of any operation on sensitive data and lets you classify content and make sure identified documents comply with regulations.

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: No
Export: -
GDPR: No
PHI (Protected Helath Information): No
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): Windows
Structured Data: No
Ustructured Data: Yes

FileFacets

FileFacets is a Software-as-a-Service (SaaS) platform that performs sophisticated data discovery and content search of structured and unstructured data within corporate networks, servers, content management systems, email, desktops, and laptops. FileFacets identifies sensitive information and personal data, removes redundant data, and facilitates the secure transfer of content between repositories, mitigating risk and assisting businesses worldwide in their privacy compliance and data management efforts.

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: Yes
Export: -
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): -
Structured Data: Yes
Ustructured Data: Yes

Global IDs

The Global IDs Enterprise Data Automation (EDA) platform comprises a set of core functions, i.e., automated sensitive data discovery, data profiling, data classification, data lineage, data quality, and more, thereby facilitating in compliance with regulations, such as GDPR and CCPA.

Data Activity Monitoring: No
Data Classification: Yes
Encryption, blocking, masking and quarantining: No
Export: -
GDPR: Yes
PHI (Protected Helath Information): No
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): -
Structured Data: Yes
Ustructured Data: Yes

Hush-Hush Data Masking

Hush-Hush Data Masking tool helps you find your and your customer's sensitive data, classify it, anonymize it, and comply with GDPR, CCPA, HIPAA / HITECH, and GLBA requirements. It discovers sensitive data in databases, files, HL7 and EDI messages, and text., while anonymizes sensitive data both on-premises and in the cloud.

Data Activity Monitoring: No
Data Classification: Yes
Encryption, blocking, masking and quarantining: Yes
Export: -
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): Windows
Structured Data: Yes
Ustructured Data: Yes

IBM Data Risk Manager

IBM Data Risk Manager identifies high-value, business-sensitive information assets that are at risk from internal and external threats. It provides an end-to-end view of business metadata associated with crown jewel data. It leverages real-time information to efficiently discover sensitive information assets and yet-unidentified data stores.

Data Activity Monitoring: No
Data Classification: Yes
Encryption, blocking, masking and quarantining: No
Export: -
GDPR: Yes
PHI (Protected Helath Information): No
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): Mac OS,Windows
Structured Data: Yes
Ustructured Data: Yes

Immuta

Immuta automatically scans cloud data sources, detects sensitive data, and generates standard tagging across multiple compute platforms so you can eliminate manual, error-prone processes and get universal data access control and visibility into sensitive data. After registering data sources with Immuta, data teams can automatically classify and tag direct, indirect, and sensitive identifiers.

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: Yes
Export: -
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): Windows
Structured Data: Yes
Ustructured Data: Yes

IBM Security Guardium Data Protection

IBM Security Guardium Data Protection supports a zero-trust approach to security. It discovers and classifies sensitive data from across the enterprise, providing real-time data activity monitoring and advanced user behavior analytics to help discover unusual activity around sensitive data. It uncovers regulated data in your data stores and uses pre-built templates for regulations such as PCI DSS, SOX, HIPAA, GDPR, CCPA, and many more, to streamline and automate compliance workflows.

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: No
Export: CSV,PDF
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): Linux,Windows
Structured Data: Yes
Ustructured Data: Yes

Informatica Data Privacy Management

Informatica Data Privacy Management helps you discover, classify, analyze, protect, and monitor personal and sensitive data across your organization. In addition, it also lets you assess risk and monitor suspicious access to automate protection, transparency, and response.

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: No
Export: MS Excel,XML
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): -
Structured Data: Yes
Ustructured Data: Yes

Kogni

Kogni discovers, secures, and monitors sensitive data in enterprise data sources. It discovers sensitive data in all types of file formats including unstructured text files and images for comprehensive enterprise data security. Kogni’s approach to data security reduces the impact of a data breach, helping enterprises comply with regulations, and also enables data governance initiatives by monitoring for policy violations.

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: Yes
Export: -
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): -
Structured Data: Yes
Ustructured Data: Yes

Lepide Data Security Platform

Lepide Data Security Platform automatically scans, discovers, and classifies data at the point of creation to help you stay on top of where your sensitive data is located. You can implement hundreds of pre-defined criteria sets to locate sensitive data across your unstructured data stores and map to compliance mandates.

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: Yes
Export: -
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): Windows
Structured Data: No
Ustructured Data: Yes

Discovering sensitive data can be done manually, simply by looking into each data source and identifying those with personal information inside. This solution, however, is very time-consuming and prone to mistakes. Much better is to use one of sensitive data discovery tools which does all that work automatically. Many of these solutions can work not only with structured, but also with semi-structured and unstructured data. Furthermore, some of them offer periodic synchronization with data sources, to automatically classify newly added information.

Why sensitive data classification is important? First and foremost, it is sign of care for clients and employees. No privacy data should leak, nor it should be seen by unauthorized people. Each organization should store only this information that are necessary for its’ functioning and collect them only with explicit consent (both are currently enforced by law). Not following rules can have severe consequences such as:

• Financial fines – London based pharmacy Doorstep Dispensaree Ltd was fined £275,000 for leaving medical files unprotected,
• Clients’ loss – PCI Pal conveyed a survey in which 83% of US customers claimed, they would stop spending with a business for several months in the immediate aftermath of a security breach,
• Legal prosecution – according to the Data Protection Act 2018 in UK, employee can face prosecution for data protection breaches,
• Loss of reputation – today’s more aware of cybersecurity customers may refuse to trust a company which violated data privacy rules.

Sensitive data discovery software is only part of personal information protection policy, although very important part. It is helpful especially when an organization uses many different data sources (files, databases, personal archives) or data regarding several countries, where identifying e.g., ID numbers may get complicated. However even small companies with clients from one region should be aware of private data in their systems, hence it is advised to frequently use one of listed sensitive data discovery software by organizations of any size.