With the clock ticking on General Data Protection Regulation compliance, Veritas Technologies LLC has added a tool that uses machine learning to identify sensitive and personal data.
The vendor added its Integrated Classification Engine into the Veritas Data Insight 6.0 analytics application, which was released in June. Veritas will also make the engine available as an add-on to Enterprise Vault 12.2 for archive data this month. Veritas has long-term plans to incorporate the application, which is built on Docker containers, across all the products within its data management platform.
Veritas Data Insight identifies and profiles data by analyzing metadata attributes and user behavior. Veritas claims it can predict risk and target malicious activities.
"We have preconfigured patterns to detect over 100 different sensitive data patterns today, and more than 60 preloaded policies, such as General Data Protection Regulation and HIPAA," said Zachary Bosin, director of solutions marketing at Veritas. "It will grow over time."
The data classification engine was first integrated last year in Enterprise Vault 11.2 for Microsoft Exchange.
The European Union's General Data Protection Regulation [GDPR] is a global data protection law because it applies to all companies that store information on EU citizens, regardless of where the company storing the data is based. Organizations have until May 25, 2018 to comply, and those found not in GDPR compliance could face millions of dollars in fines.
Application provides 'Insight' into data patterns
Sean Doherty, an analyst covering workforce productivity and compliance at 451 Research, said Veritas Data Insight and the Integrated Classification Engine are particular timely, as organizations have less than a year to prepare for GDPR compliance.
"I'm getting a lot of inquiries around GDPR compliance from a lot of customers," Doherty said. "It started to ramp up after the July holidays. There will be a lot of interest in this toward the end of the year as we get closer to the deadline."
Zachary Bosindirector of solutions marketing, Veritas
The classification engine's machine learning feature applies a confidence level to the data patterns. For example, the technology can learn variations of a certain Social Security number so that it is 90% sure that number is one that should be tagged for privacy. The same rule can be applied for other personal data.
Veritas' Bosin said the Integrated Classification Engine includes more than 100 sensitive data patterns, such as driver's license numbers, Social Security numbers, national health insurance numbers, passport numbers and bank account numbers. Those identifiers can be stitched together to create a policy that is used across all personally identifiable information within the organization.
"There are a wide variety of uses that can be applied to these policies. We think it is super important that companies have these out-of-the-box capabilities," Bosin said. "This is technology that we built in-house. It uses different algorithms to understand sensitive data. It does check sum validation to compare different patterns to quickly scan through terabytes of data."
Veritas Data Insight is part of the vendor's strategy to transform from a data protection company into a full data management provider following its 2016 spin off from Symantec.
GDPR compliance is a global issue
Ten GDPR focus points for businesses
Veritas Information Map can ID risk in cloud data