Skip to main content
Druva Documentation

Manage sensitive data

                                    

inSync Cloud Editions: File:/tick.png Elite Plus File:/cross.png Elite File:/cross.png Enterprise File:/cross.png Business

Overview

Sensitive data is defined as any information that is private and must be protected from unauthorized access. Protection of sensitive data is required for legal reasons, for issues pertaining to personal privacy, or for information that is protected by the company policy.

inSync provides a few default predefined sensitive data and the ability to create custom sensitive data to address your organization's intellectual property information. The predefined sensitive data cannot be edited or deleted; however, you can modify or delete custom sensitive data.

You can use a predefined sensitive data or create custom sensitive data. 

For example, you can create custom sensitive data for Intellectual Property (IP) information. This can include types of research data (such as research data that is personally identifiable or proprietary), patent information, copyrights and trademarks, information concerning third-party agents and partners, product designs, system access passwords, and so on.

Note: You cannot delete or edit sensitive data that is associated to a policy template.

The following sensitive data are available for a specific geographical region and a specific template:

Region Template Available sensitive data
Global Financial data Credit/Debit card numbers with qualifying terms
Personally Identifiable Information (PII) Passport Details
Credit/Debit card numbers near PII
USA Document Classification Confidential Document Markers
Personally Identifiable Information (PII)
  • Drivers License
  • Social Security Numbers
  • Employee Identification number
HIPAA
  • EDIX12 HIPAA
  • Prescription Drugs
  • PHI related terms
  • Pharmaceutical Companies
  • Medical Ailments and Diseases
  • NPI with qualifying terms
Personal Health Information (PHI) PHI related terms
UK Document Classification Confidential Document Markers
UK National Health Service Community Health Index
Personally Identifiable Information (PII)
  • NHS number
  • National Insurance numbers
Germany Document Classification Confidential Document Markers
Personally Identifiable Information (PII) Social Insurance numbers
South Africa Document Classification Confidential Document Markers
Japan Document Classification Confidential Document Markers
Personally Identifiable Information (PII) MyNumber with qualifying terms
Global Not Applicable Credit/Debit card numbers

Create custom sensitive data

In addition to predefined sensitive data, you can create custom sensitive data to address your organization's intellectual property policies or any other requirements.

To create sensitive data

  1. On the inSync Management Console menu bar, click Manage > Compliance Policies. The Manage Compliance Policies page appears.
  2. Click the Sensitive Data tab. The Sensitive Data List appears, which includes both predefined and custom sensitive data.
  3. Click New Sensitive Data. The New Sensitive Data dialog box appears.
  4. Enter the following information:
    UI item Description
    Name

    Type the name for the sensitive data.  

    This is a mandatory field.

    Description

    Type the description for the sensitive data.

    This is an optional field.

    Category

    Select the category that best matches the sensitive data.

    This is a mandatory field.

    Region

    Select the primary region for the sensitive data.

    This is a mandatory field.

    Data type

    You can define sensitive data using the following methods:

    • Keywords: Select Keywords and in the Keywords field and type the keywords that you want inSync to search in the files.

      Keywords are not case sensitive. Multiple keywords must be comma-separated. 
      You can define how you want inSync to search for the keywords. In the Matching Criteria option, select one of the following:

      • Match at least one keyword in document: Select if you want inSync to flag a violation if any of the defined keywords match with any word in the document. 

      • Match all keywords in document: Select if you want inSync to flag a violation if all of the defined keywords match with any word in the document. 

    • Regular Expression: Select Regular Expression and enter the regular expression in the Regular Expression field. In inSync, you can use regular expressions to define complex search patterns that match the criteria of the keywords that you want inSync to find and flag a violation.

       

  5. Click Save.

A custom sensitive data is created and is displayed under Sensitive Data List.

View the list of available sensitive data

You can view all the available sensitive data, which includes both predefined and custom data.

To view the list of sensitive data

  1. On the inSync Master Management Console menu bar, click Manage > Compliance Policies. The Manage Compliance Policies page appears.
  2. To view the compliance policies per the geographic region, select the region from the list beside the Manage Compliance Policies page.
  3. Click the Sensitive Data tab. The Sensitive Data List appears, which includes both predefined and custom sensitive data.

Modify a sensitive data

As a cloud administrator, you can modify a custom sensitive data. However, you cannot modify the predefined sensitive data that is shipped along with inSync.

To modify a sensitive data:

  1. On the inSync Master Management Console menu bar, click Manage > Compliance Policies. The Manage Compliance Policies page appears.
  2. Click the Sensitive Data tab. The Sensitive Data List appears, which includes both predefined and custom sensitive data. The Publisher column specifies whether the sensitive data is predefined or custom.
  3. Click the required custom sensitive data. The Summary page for that sensitive data appears.
  4. Click Edit. The Edit Sensitive Data dialog box appears.
  5. Modify the required information, and then click Finish.

The updates are displayed on the Summary page for that sensitive data. 

inSync runs a global query and checks for compliance violations after you edit a sensitive data that is associated with a policy template.

Delete a sensitive data

As a cloud administrator, you can delete a custom sensitive data. However, you cannot delete the predefined sensitive data that is shipped along with inSync.

Note: You cannot delete a custom sensitive data, if it is associated with one or more policy templates.

To delete a sensitive data

  1. On the inSync Master Management Console menu bar, click Manage > Compliance Policies. The Manage Compliance Policies page appears.
  2. Click the Sensitive Data tab. The Sensitive Data List appears, which includes both predefined and custom sensitive data. The Publisher column specifies whether the sensitive data is predefined or custom.
  3. Click the required custom sensitive data. The Summary page for that sensitive data appears.
  4. Click Delete
  5. On the confirmation message that appears, click Yes.

The custom sensitive data is deleted from inSync.