PK Protect is a complete data security solution that enables enterprises to leverage their data to achieve greater business goals while minimizing the risk of exposure and running afoul of data handling regulations such as PII, PCI, HIPAA, CCPA and GDPR. PK Protect facilitates this leverage through a well-defined process:
Define a Policy: Create a policy comprising of sensitive data types. Typically, the data types relate to regulatory compliance requirements. PK Protect comes with pre-built data types such as Social Security number, names, URLs, and credit card numbers. The product also allows users to add to these by creating additional data types that are of interest to them.
Detect: Locate and identify sensitive data, based on the policy defined within big data, and traditional repositories such as databases and file stores.
Mask/Encrypt: Replace sensitive data with fictitious content using one of many available options or create a cipher that restricts access to select users.
Verify: Review the discovered and secured sensitive data as well as user actions within PK Protect. There are multiple views into these issues including discovery/masking/encryption results, audit reports of all user activities within PK Protect, and a dashboard that summarizes attributes of all data with the ability to drill down to the desired levels of detail.
Through this process, PK Protect assists companies in assessing their compliance with regulatory requirements and reducing risks of exposure they may face. PK Protect operates on a variety of data stores:
DBMS: Core business applications, internal and external facing, commonly store data in relational databases such as Oracle, SQL Server, MySQL, and DB2. Copies of these are needed outside the well protected production environment to meet development, test, analytic, and other purposes.
An acceptably safe mechanism includes identifying and masking sensitive data in the database copies prior to those databases being shared outside of production. PK Protect can scan the network to locate database servers, search inside databases in those servers for sensitive information and, optionally, mask the sensitive information in the sharable copies of those databases.
This operation may be repeated as the databases are refreshed with current content.
File Stores: Public folders within enterprises may contain files with sensitive data due to inadvertent and, sometimes, deliberate user actions.
It is critical for organizations to detect the presence of such files for them to take corrective actions – remove the files, set appropriate access privileges, etc. PK Protect virtually handles all common file types, such as PDF and Microsoft Word documents, Excel spreadsheets, PowerPoint slides, text files, logs, and zip files, among others.
Hadoop: Enterprises now have access to more data coming from more platforms – such as social networks – and are intent on better leveraging the value of this disjointed information across multiple applications. This endeavor has resulted in a major challenge in managing the volume, velocity, and variety of structured and unstructured data.
Hadoop is the most common repository for this collection of information. While the need to protect sensitive content applies to big data in general, its sheer size and variability makes this a complex task. PK Protect provides a rich set of features in handling discovery of sensitive data in the multitude of storage (compression) and format (Sequence, Avro, etc.) options.
With these tools, users can detect the sensitive data and optionally mask or encrypt (row or cell level) in-flight as the data is being loaded into Hadoop or at rest within Hadoop after the data has been stored.
Cloud: An increasing amount of data is being moved to the cloud. Therefore, cloud-based object storage technologies such as S3, Google Cloud Storage (GCS), and Azure Blob Storage are becoming more important. In addition to these, both RDBMS services such as AWS Relational Database Service (RDS), and cloud-based data warehouses such as Redshift are becoming prominent. PK Protect also supports these newer targets.