Authors: RashmiRekha00u176ruk... Skip navigation

Secure@Source

7 Posts authored by: Rashmi Rekha Gogoi

Data Privacy Management 10.4.0 has been released to shipping and is available immediately.

Operationalize data privacy with Data Privacy Management 10.4.0

Secure@Source is now rebranded as Data Privacy Management (“DPM”). Data Privacy Management enables CDOs and the IT organization to operationalize Data Privacy Governance with a focus on subject data for structured and unstructured data sources across the enterprise. The key features available with this release are:

Subject Metadata Model:

Data Categories: DPM now ships with various capabilities to associate data categories to data that can be customized to individual customer needs. Classify subject data into various data categories to accelerate time-to-value. Automated association of categories to subject data enables privacy analysts to report on data that an organization holds about a specific subject, such as DSAR reports that contain information about these categories of data.

Purpose: For visibility into authorized use, data privacy regulations often mandate recording of the purpose for which data about a subject is stored in various systems. DPM 10.4.0 enables recording of the purpose for which subject data is collected and reporting as per regulatory requirements.

Legal Hold: Legal holds can be applied on data subjects as per the legal requirements of an organization. Legal holds are now visible to privacy analysts as they interact with the system on various subject requests.

Third-party Shares: Data stores can now be marked as “Shared with Third Party” so that analysts and operators are aware of subject data that is shared with external entities or organizations for meeting regulatory requirements, understanding risk, and reporting. When a data store is marked as third-party shared, users can store information on the thirty-party organizations to which this data is shared, along with a description of the sharing requirement, so that it can be reported on, as required.

Subject Residency: DPM 10.4.0 enables automatic tracking of residency of a subject so that the applicability of various regulations on the subject can be easily identified and policy applied.

Historical Requests: All historical subject requests are now tracked in DPM 10.4.0. Privacy analysts and operators can now look at all the requests made by a subject and can decide if they need to respond to specific subject requests when received.

RESTful APIs

Data Privacy Management 10.4.0 ships with a broad set of RESTful API’s to automate privacy-related actions. Customers can now use these APIs to create or integrate DPM with their existing self-service portals or processes. This provides the appropriate subject data and visibility required for completing statutory obligations required for privacy regulations.

DSAR report templates

DPM 10.4.0 ships with multiple DSAR report templates that can be used to create various types of DSAR reports. These templates enable privacy analysts & data privacy officers to generate DSAR reports based on organizational needs, for example, report with metadata information only, report with data grouped by data categories, and report in PDF or CSV format.

Task delegation

With DPM 10.4.0, Subject Requests can be delegated using DPM’s integration with ServiceNow. DPM can now create a ServiceNow ticket automatically based on a Subject Request and also provide a status update to privacy analysts based on the status of the ServiceNow ticket.

Customers can also delegate tasks through email or create a custom script to automate their processes.

Enhanced onboarding:

With DPM 10.4.0, administrators can configure multiple seed data stores in the system to identify subject data. This enables creating a subject registry by collating information from multiple sources of data.

Breach reporting:

DPM 10.4.0 enables application owners and privacy analytics teams to create a breach report if a security event warrants it. This happens efficiently with the click of a button, creating a report that enables DPOs, controllers, etc., to gain visibility within an accelerated time period.

Purge DSAR reports:

Supporting the philosophy of Privacy by Design, DPM 10.4.0 enables privacy administrators to create a retention period within DPM such that DSAR reports created are purged automatically after a specified period of time. This ensures that DPM is compliant with privacy regulations and does not store subject data when not required.

Expanded PAM support for Subject Registry

DPM 10.4.0 works on Informatica Platform 10.4.0 and EDC 10.4.0. DPM 10.4.0 now supports various big data, cloud databases, and cloud applications to scan for subject data and report on the same. Refer to Data Privacy Management 10.4.0 PAM for further information.

Release Notes:

https://docs.informatica.com/data-security-group/data-privacy-management/10-4-0/release-notes/preface.html

 

Release Guide:

https://docs.informatica.com/data-security-group/data-privacy-management/10-4-0/release-guide/data-privacy-management-version-10-4-0.html

 

PAM: PAM for Data Privacy Management 10.4.0

We are excited to announce the availability of Secure@Source v5.1 with you. This release enhances our Privacy features and functionalities by addressing one of the key market requirements in responding to DSAR request in an automated fashion. Additionally, the release boasts significant features and enhancements:

  • Automated DSAR Creation
    • Extends Subject Registry feature for DSAR requests
    • Addresses operational inefficiencies in procuring subject data
    • Provides detail map of data so that additional responses to subject requests such as RTBF and Rectification can be easily achieved
    • Intuitive design provides the capability to address errors and retry failed queries

Benefits: Operationalizes DSAR response, which is otherwise manual and costly. This feature provides significant savings and helps organizations comply with CCPA , GDPR, and other Privacy regulations

  • Enhanced AXON integration for Privacy Governance
    • Integration of Axon Processes
      • Overlay display of Processes in Secure@Source
      • Evaluation of Process condition rules in security policies
    • Integration of Axon Stakeholder information for policy violation notification

Benefits: Expanded end-to-end governance capabilities for privacy use cases across business and technical users.

  • Intelligent Global Whitelist / Blacklist
    • Provides flexibility and intelligence in applying manual curations across the enterprise
    • Displays the customizations in one staging area for further scope consideration
    • You can expand the scope of a column to a domain to map to all data stores, schemas, and tables

Benefits: Allow more efficient application of S@S individual Whitelist / Blacklist rules across the enterprise environment

  • Report exception and continue
    • Customer enhancement request that allows scans to continue for other data stores despite an error in one store
    • Reports on the errors so that they can be remediated

Benefits: More efficient use of maintenance windows for performing scans, avoiding the loss of scan opportunity, time and effort

  • Reset Classification Results
    • Customer enhancement request combine this with the next bullet, example: ”Customer enhancement request to continue to use the existing settings and credentials for a data store”
    • Continue to use the existing settings and credentials for a data store
    • Better user experience in case of a need to reset classification

Benefits: Simplifies the classification results reset by removing the need to add the data store again, which requires DBA involvement

 

Release Guide: https://docs.informatica.com/data-security-group/secure-at-source/5-1/release-guide/secure-source-version-5-1.html

Release Notes: https://docs.informatica.com/data-security-group/secure-at-source/5-1/release-notes/abstract.html

PAM for Informatica Secure@Source v5.1

Secure@Source v5.0 has been released to shipping and is available immediately. Secure@Source Protection – a new product offering to secure data at rest and in use – has also been released to shipping. The following new capabilities deliver broad visibility and remediation for data privacy and protection initiatives:

 

Subject Registry: Privacy Discovery for Subject Rights

  • Identify and map identities to associated data in stores across an enterprise environment
  • Support for unstructured sources to identify subject data in files
  • Export Subject Registry summary, detail, and attribute location information to CSV files
  • Group subject data by Data Domain or Data Store Owner to simplify remediation and delegation tasks

Benefits: Searchable view of data subjects and the location of their sensitive data across the enterprise to support privacy tasks and compliance with regulatory policies such as GDPR and CCPA.

*Enhanced AXON integration: Processes and Stakeholders

  • Integration of Axon Processes
    • Overlay display of Processes in Secure@Source data proliferation view
    • Evaluation of Process condition rules in security policies
  • Integration of Axon Stakeholder information for policy violation notification

  Benefits: Expanded end-to-end governance capabilities for privacy use cases across business and technical users.

  *Available via a pending patch

 

Core Improvements

  • Flexible upgrade path from 4.0, 4.1, and 4.5 to 5.0
  • Usability enhancements and customer feedback improvements
    • New Custom Notes capture and reporting for sensitive fields
    • Expanded scan options
    • Improved scan processing status and reporting
    • Enhanced job management capabilities
    • Persisted user preferences for display columns
  • Improved unstructured scanning performance
  • Updated JVM to OpenJDK 1.8.0_192 (Azul)

  Benefits: Greater ease of use and performance.

 

Secure@Source Protection: This is a new product offering providing data security for analytical repositories

  • Data at Rest encryption of sensitive data
    • In-place encryption
    • Multiple encryption options, including Format Preserving Encryption (FPE) which does not require application coding or schema changes
  • Data in Use decryption based on security policies
    • Support for evaluation conditions including data store attributes, metadata information, data domains, user attributes and query context
    • Optional notification and logging actions to support audit and security requirements
  • Inbuilt KMIP compliant key management system for management of encryption keys

   Benefits: Granular data protection both at rest and in use with policy based access to data

 

Informatica Secure@Source 5.0 Release Notes

 

Informatica Secure@Source 5.0 Release Guide

 

PAM for Informatica Secure@Source 5.0

Secure@Source v4.5 has been released to shipping and is available immediately.  This is the eighth release of the product with the following new capabilities that deliver broad visibility and remediation for data privacy and protection initiatives:

 

Core Improvements

  • Protection simulation: simulate impacts of applying protection for planning and prioritization
  • Custom risk factors: add additional factors and customer data for tailored risk modeling
  • Hierarchical classification policies: multi-level conditions and costs of policies

Benefits: Improved risk analytics and simplified protection planning.

 

Integration

  • Interop with Enterprise Data Catalog: shared data stores and scan results
  • Integration with ServiceNow CMDB: import data stores from ServiceNow

Benefits: Simplified onboarding process.

 

Detect and Protect

  • New task/action framework and email notification of task assignment
  • Remote integration with Dynamic Data Masking and Test Data Management/Persistent Data Masking
  • Ticketing integration with ServiceNow

Benefits: Accelerated time to value and ease of automation.

 

PAM Additions

  • SharePoint (2013, 2016, online)
  • OneDrive
  • Avro, Parquet
  • Azure BlobStorage
  • Azure WASB
  • EMR Hive, HDFS
  • MAPR Hive, HDFS
  • Hortonworks Atlas

Benefits: Expanded visibility across data silos.

 

Informatica Secure@Source 4.5 Release Notes

 

Informatica Secure@Source 4.5 Release Guide

 

PAM for Informatica Secure@Source 4.5

Secure@Source v4.1 has been released to shipping and is available immediately.  This is the seventh release of the product with the following new capabilities:

 

  • Core Improvements

o   Residual risk cost: Cost of unprotected sensitive data.

o   User profile page:  Provides a single and comprehensive view of user details such as directory information, data stores and sensitive fields accessed, and security policies and anomalies associated with the user.

Benefits: Accurate risk analytics, curation of anomaly, and a 360-degree view of user access and risk.

 

  • Axon Integration (Available with Axon 5.1 release coming Dec 2017)

o   Mapping of system to Data Stores.

o   Mapping of Axon Policy to Security and Classification Policies.

o   Privacy dashboard for policy and system

Benefits: Operationalization on GDPR policy, discover relevant data, assess coverage, risk, and cost, receive alerts on deviations/anomalies for better governance, continuous measurement and monitoring attainment against policies.

 

  • Customer Enhancements

o   Enriched content in data store export files.

o   Enabled option to fetch the Security Group of a datastore from the parent repository.

o   Report on historical scans.

o   Report of tables that have changed since the last scan.

o   Filter enhancements.

Benefits: Ease of use.

 

  • PAM Additions

o   Apache Hive on Amazon EMR 5.4.

o   HDFS on Amazon EMR 5.4.

o   Apache Hive on MapR 5.2.0 with MEP 2.x.

Benefits: Enterprise readiness and accelerated time to value.

 

  • Localization for French and German (only with Secure@Source 4.1)

Benefits: Enterprise readiness and accelerated time to value in the EMEA region.

 

Note that Secure@Source 4.1 has a component installer that must be deployed on top of Secure@Source 4.0.

 

 

Informatica Secure@Source 4.1 Release Notes

 

Informatica Secure@Source 4.1 Release Guide

 

Note: To download this version, please open a shipping request.

This is the fifth release of the product with the following new capabilities:

 

Introduction of anomaly detection / User Behavior Analytics

  • Baselining, correlating, monitoring, and alerting on high risk anomalous user activity on sensitive data
  • Factors contributing to anomaly with observed and expected values
  • Top anomalous users and top anomalous data stores

Benefits: Reduce alert fatigue, prioritize investigations, and accelerate detection of hidden threats and suspicious behaviors.

 

Expanded Security Policy Framework

  • Data store, user activity, and anomaly security policies
  • Definition of security policy match conditions
  • Redesigned security policy violations interface with top users, top data stores, and top policies
  • Reusable security policy actions with substitution variables for populating violation information

Benefits: Increase efficiency of security teams to orchestrate and automate remediation of high risk data stores and events

 

Expanded coverage

  • Semi-structured data (CSV, XML, JSON) on HDFS and Amazon S3
  • Microsoft SQL Server Integration Services (SSIS) proliferation information

Benefits: Broader visibility of sensitive data and proliferation

 

Improved risk analytics

  • Global tagging and filtering on data stores
  • New top data domains analytics

Benefits: Easier navigation, analysis, and reporting of high risk sensitive data.

 

Customer feedback and usability

  • Customizable dashboard
  • Optional scanning of views
  • Improved filtering on jobs page
  • Automated notification of job status changes

This is the fourth release of the product with the following new capabilities:

 

Expanded Discovery & Classification, accuracy enhancements

       Hortonworks Hive

       Conflict resolution for data & metadata match results

       Domain-level conformance score configuration

       Whitelist / Blacklist columns for data domain match

       Option to Ignore Nulls in data scans

Benefits: Improved accuracy – reduce false positives & negatives

 

Expanded Data Proliferation Analysis

  • Informatica Cloud Services
  • Cloudera Navigator
  • 3rd-party proliferation imports
  • Include unscanned data stores found in PowerCenter flows

Benefits: Broader visibility of sensitive data proliferation

 

User access & activity

  • Salesforce

 

3rd Party Integrations

  • Cyber Ark
  • Salesforce Shield Protection Status: reflects data protected in SFDC using Classic Encryption and Shield Platform Encryption, display the protection status in analytics accordingly.

Enhanced Analytics

  • Tagging: ability to add attributes to data stores (i.e. production or non-production) and use the information to identify high risk conditions
  • Improved view of proliferation including the ability display the data domains proliferating between data stores

Improved performance and scalability

  • Performance enhancements for user activity ingestion