Sensitive data discovery tools for SQL Server

List of sensitive data discovery tools

In recent years many international organizations, countries, states etc. have introduced strict regulations regarding sensitive data storing and processing (GDPR in EU, CCPA in California state or PDBP in India just to name a few) to ensure that companies and organizations handle personal information correctly. This should motivate organizations to revise their data protection policies and identify all private data they collect and process. Invaluable help with this tedious task are sensitive data discovery tools.

Somansa Server-i

Somansa Server-i is an endpoint discover solution to protect sensitive data and personal information stored in servers and databases. Using advanced machine learning algorithms and big data search technology, Server-i monitors, discovers, and secures sensitive data based on policy rules.

Data Activity Monitoring: No
Data Classification: No
Encryption, blocking, masking and quarantining: Yes
Export: -
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): Mac OS,Windows
Structured Data: Yes
Ustructured Data: -

Spirion

Spirion empowers you to automatically and persistently discover, classify, understand, control, and protect sensitive data in a way that ensured compliance but also allowed for business agility. It automates sensitive data classification throughout the data lifecycle for optimal protection and user access. In addition, it lets you create automated playbooks with a broad, flexible range of remediation actions to save time and ensure consistent treatment of sensitive data types.

Data Activity Monitoring: Yes
Data Classification: Yes
Encryption, blocking, masking and quarantining: Yes
Export: -
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): Mac OS,Windows
Structured Data: Yes
Ustructured Data: Yes

Netwrix

Netwrix Data Classification solves your data-related challenges, by empowering you to find sensitive content, such as financial data, medical records, and other PII, both on-premises and in the cloud. It automatically quarantines critical or sensitive data stored in insecure locations or accessible by large groups of users to minimize its exposure until you can make a thoughtful remediation decision.

Data Activity Monitoring: No
Data Classification: Yes
Encryption, blocking, masking and quarantining: Yes
Export: CSV,XML
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): Windows
Structured Data: Yes
Ustructured Data: Yes

Thales CipherTrust Data Discovery and Classification

Thales CipherTrust Data Discovery and Classification helps your organization get complete visibility into your sensitive data with efficient data discovery, classification, and risk analysis across heterogeneous data stores - the cloud, big data, and traditional environments - in your enterprise.

Data Activity Monitoring: No
Data Classification: Yes
Encryption, blocking, masking and quarantining: No
Export: -
GDPR: Yes
PHI (Protected Helath Information): Yes
PII (Personal Identifiable Information): Yes
Runs on: (for desktop): -
Structured Data: Yes
Ustructured Data: Yes

Discovering sensitive data can be done manually, simply by looking into each data source and identifying those with personal information inside. This solution, however, is very time-consuming and prone to mistakes. Much better is to use one of sensitive data discovery tools which does all that work automatically. Many of these solutions can work not only with structured, but also with semi-structured and unstructured data. Furthermore, some of them offer periodic synchronization with data sources, to automatically classify newly added information.

Why sensitive data classification is important? First and foremost, it is sign of care for clients and employees. No privacy data should leak, nor it should be seen by unauthorized people. Each organization should store only this information that are necessary for its’ functioning and collect them only with explicit consent (both are currently enforced by law). Not following rules can have severe consequences such as:

• Financial fines – London based pharmacy Doorstep Dispensaree Ltd was fined £275,000 for leaving medical files unprotected,
• Clients’ loss – PCI Pal conveyed a survey in which 83% of US customers claimed, they would stop spending with a business for several months in the immediate aftermath of a security breach,
• Legal prosecution – according to the Data Protection Act 2018 in UK, employee can face prosecution for data protection breaches,
• Loss of reputation – today’s more aware of cybersecurity customers may refuse to trust a company which violated data privacy rules.

Sensitive data discovery software is only part of personal information protection policy, although very important part. It is helpful especially when an organization uses many different data sources (files, databases, personal archives) or data regarding several countries, where identifying e.g., ID numbers may get complicated. However even small companies with clients from one region should be aware of private data in their systems, hence it is advised to frequently use one of listed sensitive data discovery software by organizations of any size.