It's 10 pm. Do you know where your data is?
Chances are you don't.
Learn more about data discovery and identifying risky behavior use cases.
Dasera can be used to address multiple Data Governance use cases.
Data Preservation Use Cases
- Impact: Always current data store inventory
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Notification: Dasera notifies Security of any new data store created since last scan of cloud environment
- Impact: Peace of mind that all your data stores are being backed up
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Misconfiguration Detection: Dasera crawls configurations of databases, checks if backup configuration is turned on Notification: Dasera notifies Security for any database that is not being backed up
- Impact: Better compliance with data retention policy
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Retention Reconciliation: Dasera compares all data stores present with data retention dates stored in Data Catalog Notification: Dasera notifies Compliance for any data store that is persisted beyond retention date or have retention dates missing.
Data Management Use Cases
- Impact: More up-to-date knowledge of data sets
- Solution:
Policy Authoring: Data team writes a policy to notify owner of data set (Data Owner) when new fields are detected Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Classification: Dasera continually detects and classifies new fields in each database Notification: Dasera notifies Data Owner when new fields appear in his/her data set
- Impact: More accurate classification
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Classification: Dasera continually detects and classifies new fields in each database, especially as PI or HI Policy Authoring: Data team writes policies to notify Data Owner when new fields are detected in their respective data sets Human Supervision: Data Owner logs into Dasera, reviews field classification, and updates classification/metadata as needed
- Impact: Better data governance, quality, and discoverability
- Solution:
Data Tagging: Data team creates sensitive data types and tags sensitive data types with sensitivity levels, regulations Data Store Discovery: Dasera continuously discovers all databases in cloud accounts Classification: Dasera continuously detect, classifies new fields in each database Automatic Tagging: Dasera automatically applies tags that are associated to the sensitive data type to the data field Manual Tagging: Data Owners can log into Dasera and associate/remove tags at any level of a database hierarchy
- Impact: Better data governance, quality, and discoverability
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Classification: Dasera continually detects and classifies new fields in each database Data-in-Use Monitoring: Dasera monitors all employee queries Metadata Replication: Whenever data has been replicated, Dasera will automatically replicate metadata from old field to new field (except date created, creator, and parent/child)
Data Security Use Cases
- Impact: Peace of mind that all your sensitive data is encrypted
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Classification: Dasera classifies all existing and new fields Automatic Tagging: Dasera data classification automatically tags sensitivity of each field Misconfiguration Detection: Dasera checks to see if any critically sensitive data is in a non-encrypted data store Notification: Dasera notifies Security of the unencrypted field(s).
- Impact: Peace of mind that all your data stores are not publicly accessible
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Misconfiguration Detection: Dasera checks to see if any data stores are publicly accessible Notification: Dasera notifies Security of the publicly accessible data stores
- Impact: Reduction in over permission
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Classification: Dasera classifies all existing and new fields Permission Assessment: Dasera determines which users have access to sensitive data Over permission Assessment: Dasera determines which users have not utilized their access to sensitive data [within a certain time period] Notification: Dasera notifies Security of potential over permissions.
- Impact: Better data governance, quality, and discoverability
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Classification: Dasera continually detects and classifies new fields in each database Data-in-Use Monitoring: Dasera monitors all employee queries Metadata Replication: Whenever data has been replicated, Dasera will automatically replicate metadata from old field to new field (except date created, creator, and parent/child)
- Impact: Reduced mean time to detection of breaches
- Solution:
Policy Authoring: The Security team uses Dasera’s no code policy editor to write policies with breach thresholds (e.g., >x,000 rows) Data-in-Use Monitoring: Dasera monitors all queries and query results on all data stores, or select data stores Notification: Dasera notifies Security when data is accessed that exceeds breach thresholds
- Impact: Reduced mean time to detection of credential theft
- Solution:
Policy Authoring: The Security team uses Dasera’s no code policy editor to write policies model expected data use by department or team (e.g., time of day, day of week, privacy violations, exfiltration) Data-in-Use Monitoring: Dasera monitors actual data usage against established policies Notification: Dasera notifies the Security team for suspicious behavior
- Impact: Reduction in insider threat
- Solution:
Employee Identification: Security team works with HR team to determine which employees are at high risk Policy Authoring: Security team uses Dasera’s no-code policy editor to write policies to monitor behavior of high risk employees Data-in-Use Monitoring: Dasera monitors actual data usage of high risk employees against established policies Notification: Dasera notifies the Security when a high risk employee triggers a policy
- Impact: Reduction in insider threat
- Solution:
Policy Authoring: Security team uses Dasera’s no-code policy editors to write policies to model expected data access patterns, by department or teams Employee Directory Integration: Dasera integrates with Okta or employee directory for employee metadata Data-in-Use Monitoring: Dasera monitors actual access patterns against expected access patterns Notification: Dasera notifies Security when unexpected data access occurs
Compliance & Privacy Use Cases
- Impact: Fewer compliance violations and fines
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Classification: Dasera continually detects and classifies new fields in each database, including the 2 types of fields/groups of fields that create dangerous combinations Policy Authoring: Compliance team writes a policy to detect if both types of fields are present in the same table Notification: Dasera notifies Compliance when policy is triggered
- Impact: Fewer compliance violations and fines
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Classification: Dasera continually detects and classifies new fields in each database, especially the 2 types of fields/groups of fields that create dangerous combinations Policy Authoring: Compliance team writes a policy to detect if both types of fields were produced in a given query’s results. Data-in-Use Monitoring: Monitor all employee queries Notification: Notify Compliance when e-PHI is dynamically created
- Impact: Fewer compliance violations and fines
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Data Tagging: Data Owners tag de-identified data sets, including PII Policy Authoring: Compliance writes a policy to prevent PII from being present in any data set tagged as de-identified Notification: Dasera notifies Compliance when the policy is triggered
- Impact: Fewer compliance violations and fines
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Manual Tagging: Data Owners tag limited data sets Policy Authoring: Compliance writes a policy to monitor for appends to limited data sets Data-in-Use Monitoring: Dasera monitor all queries to data sets Notification: Dasera notifies Compliance when policy is triggered
- Impact: Faster detection of compliance violations
- Solution:
Data Store Discovery: Dasera discovers all databases in cloud accounts on ongoing basis Manual Tagging: Data Owners tag which data sets should be immutable Policy Authoring: Compliance writes a policy to monitor for updates or deletions to data sets that are tagged as immutable Data-in-Use Monitoring: Dasera monitors all queries to data sets, looking for queries that violate the policy. Notification: Dasera notify Compliance when an immutable data set is modified
- Impact: Faster detection of compliance violations
- Solution:
Policy Authoring: Compliance writes policies for data residency and data handling Data Store Discovery: Dasera discover all databases in cloud accounts on ongoing basis Classification: Dasersa continually detects and classifies new fields in each database Employee Directory Integration: Security integrates Dasera with Okta or employee directory Data-in-Use Monitoring: Dasera monitors all employee queries Notification: Dasera notifies Compliance whenever a data residency or data handling policy is violated