Enterprise Recon can discover a wide range of data, coming with over 250 predefined data types (and over 300 when including variants) that span a variety of regulations including GDPR, CCPA, HIPAA, and PCI DSS. You can also create your own, custom data types if need be. The data in your system can then be matched to a selection of these data types during the discovery process. The product will determine the content type of each of your files and/or records, perform appropriate decoding and transformation, then attempt to recognise and match your data. This matching is achieved via pattern matching using GLASS (‘Ground Labs Accurate Search Syntax’), Ground Labs’ bespoke pattern matching technology for data discovery. GLASS has been built by Ground Labs from the ground up to be easy to read and to develop in when used for data discovery, and this makes it far more fit-for-purpose than simply supporting regular expressions as commonly used.
Moreover, pattern matching using GLASS is able to use contextual information to help determine whether a match is correct, and therefore whether the data in question is sensitive. This means that, for example, you could write a pattern that locates address information but that disregards corporate addresses based on particular terms or keywords that appear near the data. This can go the other way, as well, where otherwise innocuous data can be identified as sensitive based on its context.
Once the data discovery process is finished, Enterprise Recon exposes your results as part of its dashboard, as shown in Figure 1. It also allows you to review your results and then remediate the data you’ve matched. Reviewing your data allows you to search through, filter and, if necessary, manually curate your matched data. Information on each match is displayed in detail, including samples of the matched data as well as relevant contextual data.
Remediation, on the other hand, enables you to secure the data you’ve discovered. Depending on the data source and the type of file, up to four remediation actions may be available to you: mask, quarantine, encrypt, and delete. Mask allows you to statically mask data by partially replacing it with a series of ‘x’ characters (this could more accurately be described as redaction); quarantine allows you to move data to a secure location of your choice; encrypt is self-explanatory; and delete allows you to permanently remove data from your system but, importantly, is not available for databases (which is a good thing: database administrators don’t tend to appreciate this sort of intervention). All remediation actions taken are stored in a remediation log that can be reviewed at will.
Enterprise Recon also allows you to locate all data associated with a given individual, and thereby supports data subject access requests (DSARs), which is important for complying with GDPR. Further, the product provides an open API that allows it to integrate with third party applications. It boasts particularly close integration with Data Loss Prevention (DLP) products. In addition, it supports a wide variety of data sources, including file systems, relational databases (such as MySQL, Sybase, Teradata, PostgreSQL, Oracle and DB2), MongoDB, all three major cloud providers (including S3) and SharePoint. Ground Labs also plans to release support for InterSystems Caché in Q1 2020 and SAP Hana during the second half of 2020. Given that InterSystems in particular is a major player in the healthcare industry, especially when it comes to the storing of patient service records, supporting it will be a significant advantage.
