Data-centric security for Big Data protection, compliance & data governance.
Discovery, encryption, data masking for sensitive data across all repositories.
Dataguise Database Classification and Security Solutions
Discover sensitive or personal information in the big data and secure with masking or other alternatives.
Dataguise DgSecure delivers the most precise data-centric governance solution that detects, protects, and monitors sensitive data assets in real time wherever they live and move across the enterprise and in the cloud.
Discover and detect sensitive data more precisely across the enterprise and in the cloud.
As big data gets bigger and more enterprises adopt the cloud, many companies lose track of where sensitive data is located, while some don’t even realize that it’s there at all… thus, they can’t take appropriate measures to protect it. It’s this sensitive data inadvertently left in the clear that causes the biggest pains for companies when they get audited or experience a breach.
DgSecure Detect enables you to discover, count, and report on sensitive data assets in real time wherever they live or move across data repositories, on premises and in the cloud. It’s a precise, highly scalable, resilient, and customizable solution, finding and summarizing sensitive data at the element level.
It’s easy to use our pre-defined templates for sensitive data types to quickly build security policies, and build your own customized sensitive data elements through a sophisticated regular expression (regex) pattern builder. DgSecure Detect then combs through structured, semi-structured, or unstructured content (across databases, Hadoop, Teradata, Cassandra, NoSQL, files, and SharePoint), and finds sensitive data, such as credit card numbers, Social Security Numbers, names, email addresses, medical IDs, ABA bank routing numbers, and financial codes.
DgSECURE Detect capabilities
- Handles high volumes of disparate, constantly moving, and changing data with time stamping to support incremental change and life cycle management.
- Supports a fluid or flexible information governance model that has a mix of highly “invested” (curated) data as well as raw, unexplored (gray) data such as IoT (Internet of Things) data, clickstreams, feeds, and logs.
- Handles a variety of data stores such as traditional relational databases and enterprise data warehouses as well as non-relational big data sources (Hadoop) and file repositories (SharePoint and file shares).
- Processes structured, semi-structured, and unstructured or free-form data formats.
- Provides automated detection and processing of a variety of file formats and file/directory structures, leveraging meta-data and schema-on-read where applicable.
- Provides deep content inspection using techniques such as patent-pending neural-like network (NLN) technology, and dictionary-based and weighted keyword matches to detect sensitive data more accurately.
Ensure your sensitive data is protected in the event of an audit or breach.
Data breaches happen, all too often. But there is a way to protect your organization’s most valuable and sensitive data even if it does fall into the wrong hands.
Dataguise delivers the first fully automated, 100% programmer-free way to lock and encrypt cell- or field-level information across all data repositories. Our fine-grained, end-to-end, data-centric protection is the most precise available — giving your organization the highest level of security. DgSecure encrypt engines run as fully automated processes (agent) across standard Hadoop ingest methods (Flume, Sqoop, and FTP) as well as for data at-rest in certified MapReduce and HIVE agents for Cloudera, Hortonworks, MapR, Pivotal, IBM Big Insights, Amazon EMR, and Microsoft HD Insights.
DgSECURE Protect capabilities
- State-of-the-art AES and NIST-recognized format-preserving encryption options.
- Automated, policy-based encryption for sensitive data in TXT, AVRO, Sequence, RC, ORC, JSON, XML file formats.
- Industry standard Key Management Interface Protocol (KMIP) client support for leading key management facilities provided by Safenet, RSA, Thales, and other KMIP key server systems.
- The ability to control and monitor internal decryption authorization via internal ACLs, or ACLs mapped to existing LDAP/Active Directory authorization groups to gain better protection against insider risks.
- Can be combined with data masking algorithms to give customers flexibility and choice when needing to share data with “semi-trusted” users either inside the organization or with external partners.
Identify a potential data breach in minutes, not months.
Most companies don’t know they’ve had a data breach until months after the damage has been done. A 2015 study by the Ponemon Institute found that malicious attacks can take an average of 256 days to identify while data breaches caused by human error take an average of 158 days to identify. It also confirmed that the longer it takes to identify a breach, the greater the cost.
Why does it take so long? With a plethora of security technologies in place, enterprises must sift through mounds of data about their data before understanding where real threats exist.
DgSecure Monitor offers an early warning system focused solely on safeguarding the sensitive data an organization truly cares about, cutting through the clutter to detect potential data breaches in just minutes. It keeps track of who is doing what to your organization’s sensitive data—whether stored on premiseS or in the cloud—and delivers real-time, policy-based alerts whenever unauthorized access or unusual access behavior occurs.
DgSECURE Monitor capabilities
- Fast and easy creation of sensitive data governance policies using pre-built or custom templates—no coding required.
- Continuous monitoring of all attempts to access sensitive data and the results (e.g., read, write, delete, copy, failed attempts)
- Immediate alerting to direct policy violations.
- Immediate alerting to atypical user behavior, based on profile analytics and machine learning—crucial to detecting threats from stolen insider credentials.
- Comprehensive coverage across on-premises and cloud environments, including Hadoop, Cassandra, Amazon S3, and Blob storage.
- Dashboard views of alerts, policies, metrics, and trends to understand the extent of monitoring coverage and potential exposure of sensitive data types or sources.