Versions Compared

Version Old Version 9 New Version Current
Changes made by

İrem Kara

İbrahim Çallı

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

GEODI Discovery enables discovery for many different sectors and purposes. The intelligent recognizers that come with Discovery provide the robust infrastructure needed for GEODI Discovery automatic classification.

Table of Contents
-zone
Table of Contents
Child pages (Children Display)

Reports

There are more reports with GEODI Discovery.

The system admins and members of "ACC.Discovery" group can access the reports. The reports are visible in the workspaces only if "ACC.Discovery":true settings exist in the GenericSettings in Workspace Advanced settings.

Report: Discovery-Content Findings

Each row in the Content findings report is a discovery type. This report is much simpler than the content summaries report and can be useful to determine conforming and nonconforming sources.

View file
nameContentFindings.csv

Report: Discovery-Destroy

GEODI uses reporting infrastructure to generate remediation scripts. Destroy script is one of them.

There is no undo for Destroy. Please use it with care.

  1. Due to internet browser security measures scripts are generated in *.bat.txt extension. Please rename it to *bat, before use.

  2. We suggest, the scripts must best be used on the same machine as the GEODI server installed due to access rights and paths and other issues.

  3. The generated script is in Windows Batch language. You may change it to work in bash, python, or any other language.

Report: Discovery-Quarantine

Like destroy, quarantine is also a script. The script effectively moves the content to a determined place.

There is no undo for Quarantine. Please use it with care.

  1. Please make sure the Quarantine place has enough storage size.

Other terms are the same as Destroy.

Report: Discovery-Encryption

The encryption script generates encrypted files in the same place. You may run Destroy to destroy the originals.

  1. You may use different passwords in multiple scripts. Please keep the password in a secure place.

  2. You will need Winrar.

Report: Discovery-Batch-Masking

(info) This report requires a Masking license.

Batch masking is a GEODI DCC file to mask selected files. DCC can be run on GEODI Server. Masking covers local and network sources.

  1. The script requires the following parameters.

    1. Token → A token with a user that has masking permission. Obtain a token from <geoddi-url>/API.

    2. MaskDataMetaID, is the profşile ID of the masking pattern. You can find the IDs of the profiles that come with masking on the https://decesw.atlassian.net/wiki/spaces/geodien/pages/3977642003/Module+GEODI+Data+Masking page.e

    3. A place to store masked files. Make sure there is enough storage in the place.

Report:Discovery- Content Findings(DB)

This report tells about which table/column contains sensitive data. It works only for DB content. For unstructured data, please use the Content Findings report.

View file
nameSampleDBReport.xlsx

Panels

A variety of ready-made panels come with GEODI Discovery. The appearance of the panels depends on the permissions.

The system admins and members of "ACC.Discovery" group can access the panels. The panels are visible in the workspaces only if "ACC.Discovery":true settings exist in the GenericSettings in Workspace Advanced settings.

Discovery Panel

This panel is very brief on all findings. For this panel, you can refer to the GEODI 131 tutorial.

PCI/DSS Panel

A PCI/DSS version of the Discovery panel comes with PCI/DSS module.

Client Panel

This panel is to monitor GDE ve Classifier agents. Please check the following page for the details. This panel Clients Paneli is visible only to System Admins.

GEODI Agent Management Panel

minLevel1
maxLevel6
outlinefalse
styledefault
typelist
printabletrue

Discovery Lifecycle

There are five basic steps to discovering a Data Source. While it is possible to discover all data sources together, we suggest separating each one. When you finish discovering each one, your project will be finalized. This method is also suited to handle new data sources or changes in discovery scope.

Keşif.pngImage Added

  1. Determine the discovery purpose.

  2. Define the data source.

  3. Discover.

  4. Present/Report.

  5. Remediate/Action.

Determining the purpose of exploration provides a healthy start. You may have KVKK, HIPAA, PCI/DSS, Fraud, or other goals. DECE-STORE has recognizers, reports, panels, and actions suitable for regulations and countries. Once the basic GEODI installation is complete, you must download the appropriate DECE-STORE modules.

Data sources, permissions, and other preferences are defined in the Project Wizard.

...

The Discover phase is where personal data, financial data, and other specified data are discovered. It may take time, depending on the data size, scope of discovery, and options. We always recommend that you start with a sample exploration and decide on a full exploration based on the results. Exploration by sampling saves you a lot of time in this sense. Presentation of discovery results is provided through the Discovery Panel and Reports. GEODI can present the exploration results in a one-page summary or in great detail. In this way, it becomes easier to decide which sources, which types contain what kind of data, and what action you should take. With actions, source data can be destroyed, encrypted, or quarantined. Options such as batch masking are also offered. Action results are reflected in your discovery panel and reports. You can continue this way until you minimize the risks.

Reports

With GEODI Discovery, new reports are generated. These reports provide extensive information on which areas contain sensitive data, the areas you need to target for actions such as destruction/quarantine, and business processes.

...

Actions

GEODI Discovery comes with many actions that allow us to change the data. These actions allow you to destroy or quarantine the target data.

...

Panels

The panels show you a summary of GEODI exploration results. Thanks to the capabilities of the panels, you can access the results more easily than the reports.

...

Agent Management Panel

For the management and monitoring of GDE and Classifier agents, please refer to the following page. The Clients Panel is only accessible to System Administrators.

...

Petabyte Discovery

GEODI has an average data processing speed of around 0.5-1.5TB per day in both structured and unstructured data sources. However, even at such high speed, it's not sufficient to process several hundred TB and above data in reasonable timeframes. For this purpose, you should set up multiple GEODI servers to create a Cluster. GEODI Cluster configuration will enable the management of multiple GEODI servers as a single GEODI, with features such as centralized reporting and administration.