As companies undergo Digital Transformation they increasingly hold more and more sensitive information. Such information can take many forms including, but not limited too, Protected Health Information (PHI), Personally Identifiable Information (PII), and Sensitive Personal Information (SPI).
Sensitive information such as this can be securely managed by the Enterprise File Fabric™ by combining Content Discovery and Data Automation rules to perform specific actions when new files are added to the File Fabric. The File Fabric facilitates this through the use of metadata. Metadata is data that provides information about other data.
First some background. When the File Fabric first indexes a storage provider it does not cache data, it extracts enough data to be able to build a view of the remote file such as filename, date, timestamp, size etc. Such metadata enables the File Fabric to provide details of each file without the need for copying or replication, and importantly this is done for every storage system connected to the Fabric. Once the File Fabric has this initial file or object metadata it is able to do a deeper analysis of the actual content in each file.
This deeper content index can then be used to validate and any enforce pre-set organizational rules and policies.
An example of this is the File Fabric’s Personal Identified Information (PII) module which identifies metadata content that contains personal information (such as credit card, passport numbers etc) within it and flags it for review.
Automation Rules can be configured so that specific actions can be performed as new information is discovered. For example, the File Fabric could be configured to move all documents containing specific PII data to a particular secure encrypted folder. Concurrently the File Fabric will also automatically alert pre-configured users of files that contain PII/SPI data, and send emails to end users notifying them that there upload had been flagged and was under review.. It will then additionally tag and classify the files as containing PII/SPI.
Discovering sensitive data is the first step to mitigating potential data breaches and the File Fabric can be used across public / private storage repositories to facilitate this.
If you are an enterprise, a service provider, an educational establishment or a financial service provider who is subject to GDPR, CCPA, PCI DSS, HIPAA, GBLA, FERPA or other compliance standards please ask a Storage Made Easy Enterprise Architect for a demonstration of the Enterprise File Fabric.by
Latest posts by Rebecca Norman (see all)
- Using Multi-Cloud Automation Rules to detect PHI / PII / SPI data - February 24, 2020
- How to make your storage GDPR compliant – a Webinar with Cloudian and IDG - March 6, 2019