SQL Server
Oracle
MySQL
PostgreSQL
Amazon Redshift
Azure SQL Database
DBT
Google Big Query
IBM DB2
MariaDB
SAP HANA
Snowflake
SQLite
Teradata
Vertica
Sensitive data discovery tools
List of sensitive data discovery tools
In recent years many international organizations, countries, states etc. have introduced strict regulations regarding sensitive data storing and processing (GDPR in EU, CCPA in California state or PDBP in India just to name a few) to ensure that companies and organizations handle personal information correctly. This should motivate organizations to revise their data protection policies and identify all private data they collect and process. Invaluable help with this tedious task are sensitive data discovery tools.
SailPoint File Access Manager
SailPoint File Access Manager provides the visibility and control you need to confidently protect your organization’s most important data assets. You get a complete view of where your data lives and what sensitive information it contains. In addition, you can track potentially malicious activity and monitor access policy violations.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Satori
Satori is a data access service to monitor, classify, and control access to sensitive data such as PII, PHI, and PCI. Within seconds of implementation, Satori provides real-time visibility for all data access including user, query, and data classification context.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Seclore
Seclore provides data-centric security solutions that enable organizations to discover, classify, protect, and track sensitive information.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Mac OS,Windows |
| Structured Data: |
|
| Ustructured Data: |
|
Seeker
Seeker is data loss prevention (DLP) software designed to offer sensitive data detection capabilities. In addition to detecting the most common forms of sensitive data such as social security numbers and credit cards, Seeker can also flag files within scan results having file system permissions that might be of concern
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Mac OS,Windows |
| Structured Data: |
|
| Ustructured Data: |
|
Secuvy
Secuvy provides data intelligence to find sensitive and privacy information across multiple data stores at rest and in motion. Secuvy’s Data Discovery solution utilizes Contexual Artificial Intelligence that initiates the discovery of personal data and user correlation in real-time. It lets you collect, organize, and build a live data catalog to handle privacy, security, and governance needs for databases, object stores, storage, and more.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Gimmal Discover
Gimmal Discover lets you locate, classify, and manage data in order to mitigate privacy risks and protect sensitive information for regulations like CCPA and GDPR or eDiscovery requests. Once sensitive data is located, Gimmal Discover can apply classification categories that help control content in accordance with your organization's information governance standards.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Windows |
| Structured Data: |
|
| Ustructured Data: |
|
N-able Risk Intelligence
N-able Risk Intelligence locates sensitive and at-risk data across your managed networks and workstations, revealing how much a data breach might cost. Whether it’s an email address, ACH data, or credit card number, N-able Risk Intelligence finds insecure PII data both in transit and at rest to help you demonstrate compliance.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Solix Common Data Platform (CDP)
Solix Common Data Platform (CDP) provides data officers with a single pane of glass view into the complete enterprise data landscape (both production & non-production). Data officers can quickly discover and report on - industry-standard sensitive information such as PII, PCI, PHI using out-of-the-box algorithms and confidential information that is unique to their organization using custom algorithms.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Somansa Server-i
Somansa Server-i is an endpoint discover solution to protect sensitive data and personal information stored in servers and databases. Using advanced machine learning algorithms and big data search technology, Server-i monitors, discovers, and secures sensitive data based on policy rules.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Mac OS,Windows |
| Structured Data: |
|
| Ustructured Data: | - |
Spirion
Spirion empowers you to automatically and persistently discover, classify, understand, control, and protect sensitive data in a way that ensured compliance but also allowed for business agility. It automates sensitive data classification throughout the data lifecycle for optimal protection and user access. In addition, it lets you create automated playbooks with a broad, flexible range of remediation actions to save time and ensure consistent treatment of sensitive data types.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Mac OS,Windows |
| Structured Data: |
|
| Ustructured Data: |
|
Netwrix
Netwrix Data Classification solves your data-related challenges, by empowering you to find sensitive content, such as financial data, medical records, and other PII, both on-premises and in the cloud. It automatically quarantines critical or sensitive data stored in insecure locations or accessible by large groups of users to minimize its exposure until you can make a thoughtful remediation decision.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | CSV,XML |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Windows |
| Structured Data: |
|
| Ustructured Data: |
|
Tanium Reveal
Tanium Reveal helps organizations track and manage sensitive data for security, regulatory compliance and data privacy. Locate, categorize and manage personally identifiable information, personal health information, and sensitive project keywords in a wide variety of common file formats on Windows, Mac, and Linux endpoints.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Linux,Mac OS,Windows |
| Structured Data: |
|
| Ustructured Data: |
|
Thales CipherTrust Data Discovery and Classification
Thales CipherTrust Data Discovery and Classification helps your organization get complete visibility into your sensitive data with efficient data discovery, classification, and risk analysis across heterogeneous data stores - the cloud, big data, and traditional environments - in your enterprise.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Titus Classification
Titus Classification clearly identifies sensitive information by classifying documents and applying visual markings to email and files as needed. It enables organizations to confidently share information while complying with government and industry regulations.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | Windows |
| Structured Data: |
|
| Ustructured Data: |
|
Varonis Data Classification Engine
Varonis Data Classification Engine gives context around sensitive data, so that you can easily identify and lock down overexposed data, stale data, and remediate security vulnerabilities. Create rules that combine content sensitivity with risk exposure, usage, and file system metadata, so that nothing falls through the cracks.
| Data Activity Monitoring: |
|
|---|---|
| Data Classification: |
|
| Encryption, blocking, masking and quarantining: |
|
| Export: | - |
| GDPR: |
|
| PHI (Protected Helath Information): |
|
| PII (Personal Identifiable Information): |
|
| Runs on: (for desktop): | - |
| Structured Data: |
|
| Ustructured Data: |
|
Discovering sensitive data can be done manually, simply by looking into each data source and identifying those with personal information inside. This solution, however, is very time-consuming and prone to mistakes. Much better is to use one of sensitive data discovery tools which does all that work automatically. Many of these solutions can work not only with structured, but also with semi-structured and unstructured data. Furthermore, some of them offer periodic synchronization with data sources, to automatically classify newly added information.
Why sensitive data classification is important? First and foremost, it is sign of care for clients and employees. No privacy data should leak, nor it should be seen by unauthorized people. Each organization should store only this information that are necessary for its’ functioning and collect them only with explicit consent (both are currently enforced by law). Not following rules can have severe consequences such as:
• Financial fines – London based pharmacy Doorstep Dispensaree Ltd was fined £275,000 for leaving medical files unprotected,
• Clients’ loss – PCI Pal conveyed a survey in which 83% of US customers claimed, they would stop spending with a business for several months in the immediate aftermath of a security breach,
• Legal prosecution – according to the Data Protection Act 2018 in UK, employee can face prosecution for data protection breaches,
• Loss of reputation – today’s more aware of cybersecurity customers may refuse to trust a company which violated data privacy rules.
Sensitive data discovery software is only part of personal information protection policy, although very important part. It is helpful especially when an organization uses many different data sources (files, databases, personal archives) or data regarding several countries, where identifying e.g., ID numbers may get complicated. However even small companies with clients from one region should be aware of private data in their systems, hence it is advised to frequently use one of listed sensitive data discovery software by organizations of any size.