Solix Sensitive Data Discovery

Solix Technologies, Inc. was founded in 2002 and provides solutions for enterprise data management. It operates worldwide through an established network of value-added resellers and systems integrators, helping its clients improve application performance, reduce storage costs, and meet data compliance and privacy requirements.

The company’s primary focus is on information lifecycle management. It has recently launched intelligent data classification and generative AI initiatives, and has introduced data lakehouse support alongside its other functionality.

Solix Common Data Platform (CDP) is a cloud-focused enterprise data management platform. It can be deployed as a self-managed multi-cloud, on-prem, or hybrid solution, or as part of SOLIXCloud, a fully managed SaaS environment hosted on Microsoft Azure, featuring elastic pricing and guaranteed availability. Regardless of deployment, it can operate at scale across both structured and unstructured data, and can be accessed through either a web browser or an API.

The platform offers a wide variety of data management capabilities, including data archiving, data cataloguing, test data management, Enterprise Content Services (ECS), an enterprise data lake, and more (see Figure 1). For the purposes of data privacy and regulatory compliance, it offers solutions for data governance, data masking, and – most notably for this report – sensitive data discovery, which can be licensed individually or collectively.

CDP will scan your enterprise data landscape and automatically discover any sensitive data found therein. It is compatible with hundreds of data sources for this purpose, from structured to highly unstructured data, and comes with around 50 predefined discovery templates, many of which are based on specific data regulations, such as GDPR, HIPAA and PCI DSS. These templates are individually customisable and collectively extensible, and can be used to discover sensitive personal data, financial data, health data, and so on, within a user-defined scope.

The discovery process itself examines both your data and the metadata attached to it. It starts with the low-hanging fruit of metadata matching (for instance, by examining column names) before moving on to the more difficult – but also more thorough – techniques of pattern and value matching within the data as well as master data lookup matching. The discovery process is fully configurable, and may include sampling to help your users detect false positives. Sensitive data is always discovered in place, and is never moved by the discovery process.

Any discovered sensitive data is automatically tagged appropriately – as PII, PCI, PHI, or what have you – based on the template it was discovered against. In addition, data relating to any single entity (such as a particular person) can be identified, and thereafter treated as a unit. This is useful for the purposes of, say, fulfilling DSARs (Data Subject Access Requests). You can also leverage CDP’s broader data masking and/or lifecycle management capabilities to obfuscate, archive, or delete any sensitive data that is discovered. The platform presents your discovery results in dashboards and visual diagrams, and can also leverage them to generate templatised auditing and compliance reports.

Your discovery processes, once defined, can be run automatically and repeatedly. They can also be used as part of, or connected to, existing data privacy/compliance workflows. Indeed, CDP gives you the tools to create bespoke data compliance workflows. Classification and/or sensitivity information can be imported from other discovery tools, and similarly exported to various metadata management products (such as data catalogues).

The sensitive data discovery capabilities provided by CDP are mature and competent. For example, its built-in discovery templates help you generate value quickly, and this is particularly true in environments for which it offers dedicated project accelerators, such as Oracle and PeopleSoft.

That said, one of the greatest benefits of CDP is its broad range of data management and security capabilities outside of strict sensitive data discovery. This includes capabilities, like data masking, that – while certainly useful and very much welcome – are fairly common within the sensitive data space, as well as markedly rarer (but still very useful) capabilities, such as data lifecycle management, database archival, and application retirement, that pair very well with sensitive data discovery. This feeds into one of CDP’s major selling points: it provides a single, unified platform for managing the entire, end to end lifecycle of your data, including your sensitive data. Sensitive data discovery is just the first step of this lifecycle, and CDP treats it as such.

Moreover, CDP offers considerable breadth in terms of where it can find sensitive data. This manifests in both its data source coverage as well as its test data management offering, which together allow you to search for and protect sensitive data in a wide range of production, development and testing environments, the latter two of which are often ignored (or at least deprioritised) when it comes to sensitive data.

Solix CDP offers sensitive data discovery as one feature among many within a broad and highly competent data management suite. Given that sensitive data discovery works most effectively in tandem with other data privacy and sensitive data management capabilities, this is no bad thing.