Data Privacy Management
This section describes new Data Privacy Management features in version 10.4.1.
Privacy Dashboard
Effective in version 10.4.1, Data Privacy Management includes a Privacy Dashboard to view and monitor data in the Subject Registry.
Use the summary indicators and workspace indicators on the dashboard to view information on total subject counts, legal hold counts, subject types, and subject requests. You can track subject requests and take further action on requests from the details pages that you can open on the dashboard.
You can also view information on data stores that contain subjects and the location of data stores that contain subjects.
For more information about the Privacy Dashboard, see the Informatica Data Privacy Management 10.4.1 User Guide.
Data Stores
This section describes new data store properties and sources.
Version 10.4.1 includes the following unstructured data store properties:
- Scan with Remote Agent
- When enabled, the remote agent scanner discovers sensitive data and maps subject identities.
- Folder Options
- Indicates whether the scan reads all folders in the data store, specific folders that you select from a list, or folders that you specify by entering regular expressions.
- Include Folders
- If you choose the Select Specific Folders option, the file paths for at least one folder to include in the scan.
- Exclude Folders
- If you choose the Select Specific Folders option, the file paths for at least one folder to exclude from the scan.
- Folder Regular Expression
- If you choose the Use Regular Expression option, a regular expression for at least one folder to include in the scan.
- Associated Remote Agents
- When you associate a data store with a subject registry remote agent, the Data Store Details page shows the name of the remote agent. If your role includes the View Proxies privilege, you can click the remote agent name to view the properties on the Remote Agents workspace.
Version 10.4.1 supports the following data sources:
- Google Drive
When you create a Google Drive data store, you must enable the Scan with Remote Agent option and associate the data store with a subject registry remote agent on the Remote Agents workspace before you scan the data store.
- SAP HANA
- After you create an SAP HANA data store, create and run a scan to discover sensitive data.
- Snowflake
- After you create a Snowflake data store, create and run a scan to discover sensitive data.
For more information, see the "Data Store Properties" and "Scans" chapters in the Informatica Data Privacy Management 10.4.1 User Guide.
Jobs
This section describes new job types.
Version 10.4.1 includes the following job types:
- Incremental Scan
- After you run an initial data store scan, you can run the scan again on the Scans workspace. If the data store has new or updated fields or files since the last scan, the Incremental Scan job scans only the records that changed since the last scan job ran. You can download the results of the Incremental Scan job on the Scan Details page.
- Import Catalog Results
- For data store scans that completed with a Warning, you can view the message with details on the Data Store Details page. If the message indicates that recent updates are available in Enterprise Data Catalog, select Actions > Scan for Missing Data Domains. The Import Catalog Results job runs immediately to import the missing data domains that match the data store.
- Sync Catalog Updates
- After the Import Catalog Results job runs successfully, select Import Results from Enterprise Data Catalog from the Actions menu on the Data Store Details page. The Sync Catalog Updates job runs immediately to match the data domains that the Import Catalog Results job imported with the data store.
Unstructured Data Stores
This section describes changes to the way that Data Privacy Management discovers sensitive and personal data for unstructured data stores.
Version 10.4.1 includes the following new features for unstructured data stores:
- Settings
- On the Settings workspace, you can select the maximum file size to include in unstructured data store scans. When you scan a data store that is associated with a remote agent, the scan excludes files that exceed the specified size.
- Remote Agents
- When you create an unstructured data store on the Data Stores workspace, you can associate the data store with a subject registry remote agent and specify that the remote agent scanner matches data domains to sensitive files.
- Data Domains
You can use the data domains included in the Data Privacy Management installation that match pre-configured classification policies such as PII, PCI, PHI, and GDPR to scan unstructured data stores with a remote agent.
You must configure the data domains with a Pattern match and enter regular expressions that match keywords to data and metadata in the data stores. For data domains that are not included in the installation, you can configure data domains with regular expressions in a multiplexing proxy agent (MPA) and include the data domains in classification policies.
- Classification Policies
- Data store scans discover sensitive fields/files and data domains that match the classification policy conditions you configure when you create the scan. You can add a custom match condition to match file tags in Google Drive and Microsoft SharePoint data stores.
- Jobs
On the Jobs workspace, the Browse job step generates a CSV file that lists the maximum file size setting, the files and folders included in the scan, and any errors that the job step encountered.
The AgentProfiling job step generates two scan reports and, if the job step encountered errors, an exception report as a CSV file. The exception report lists the folders and files that the job excluded from the scan and provides details about the errors.
For more information, see the Informatica Data Privacy Management 10.4.1 User Guide.
Subject Registry Data Encryption
Effective in version 10.4.1, Data Privacy Management encrypts golden record data identified in subject scans and stores encrypted data in the HBase repository.
The data is encrypted each time a subject scan runs and the data in the Subject Registry repository updates.