Security and Privacy are not (and should not be) mutually exclusive

Detection

• Do you scan the data, ALL the data (not just metadata or sampling only)?

• Does your data scan allow for intelligent machine learning and context-based detection?

• How many platforms are supported out-of-the-box and do you scan all structured, semi-structured and unstructured data sources (e.g. RDBMs, file systems, Hadoop, mainframe, Teradata, AWS, Azure, GCS, Snowflake, NoSQL etc.)?

• Do you scan these various repositories for unique PII identifiers to create a comprehensive ‘identity inventory’?

Protection

• Do you de-identify sensitive data in repositories across the enterprise to align with compliance and privacy regulations (i.e. PII, GDPR, CCPA, HIPPA)?

• When de-identifying the data, can you maintain referential integrity and consistency of values across multiple tables and databases?

• Can you de-identify structured, unstructured and semi-structured data sources–at the element level?

• Does your de-identify process require ETL of any kind?

Monitoring

• Does your solution send alerts based on access to a file or table that contains specific sensitive data elements?

• Does the software leverage machine learning to identify access trends, changes in behavioral norms and become more intelligent over time?

Results, Reporting, Integrations

• When scanning sensitive data, do you move, capture, and/or create new copies of that data?

• Do you provide detailed results of what was scanned including exact quantities and precise locations of sensitive/PII data?

• Can you pass results metadata directly to any classification, tokenization, data visualization or DLP solution?

Additional Privacy Considerations

• Can you de-identify and/or delete PII data of specific individuals– in support of the right to erasure under GDPR / CCPA?

• Do you help address (track, report, audit) other specific privacy regulation requirements such as 3rd party disclosures, cross border transfers, retention periods, etc.?

What Else Is Important To Consider?

• Do you have a customer list of referenceable Fortune 100 companies?

• Can you scale at an enterprise level and scan / process and protect PBs of data across a wide range of repositories (RDBMs, file systems, Hadoop, mainframe, Teradata, AWS, Azure, GCS, Snowflake, NoSQL etc.)?

• Can your product be deployed and operational, providing meaningful results in under an hour?

• Can your solution be deployed on-premise, in the cloud, and/or hybrid environment?

• Is your product certified on AWS, Azure, and GCS native services / offerings and available through their respective marketplaces?

• Do you require any agents or components to be installed on target repositories / systems?

The Questions You Should Be Asking...When Evaluating Data Security and Privacy Software

DATAGUISE, INC. | 39650 LIBERTY ST. STE 400 | FREMONT, CA 94538 | 877.632.0522 | WWW.DATAGUISE.COM

Schedule a Demo Today:www.Dataguise.com/Demo

About DataguiseDataguise enables organizations to deserve digital trust by protecting privacy as they use personal data to drive business value. We are used by Fortune 500 companies worldwide to discover, protect, and monitor personal information across their enterprise, on premises and in the cloud. With Dataguise, organizations can focus less on managing risk and compliance, and more on using personal information to improve the products, services, and experiences that fuel business growth. To learn more, visit www.dataguise.com.