Symantec Data Insight (DI) can help customers who struggle ith identifying data users and owners for their unstructured data. DI helps a customer answer the following questions:
- Who owns the data?
- Who is responsible for remediation of that data?
- Who has seen the data?
- Who has access to the data?
- What data is most at risk?
So what’s new in Data Insight 4.5? Here are 4.5 (get it???) things that I find awesome in this release:
- Self service portal to help make remediation easier: A portal that allows data owners and/or custodians of data to be able to remediate items directly potentially without the need for IT Security. Actions can come from either the Data Loss Prevention (Enforce) Console or the Data Insight Management Server depending on the workflow. A custom can create workflows that are specific to their own environment or use one of the pre-defined workflows such as:
- Entitlement Review: Review the user permissions on the folders and suggest changes to the permissions
- DLP Incident Management: Review policy actions and take actions on the files that violate DLP policies without having accounts on the Enforce Console. Actions are Smart Response Rules that are used to remediate the items that violate a DLP policy. An example would be triggering a Smart Response rule to encrypt a specific file.
- Ownership Confirmation: Confirm the ownership of files or folders. DI will infer the ownershiop of a file, this lets you confirm the file is actually yours.
This portal will be installed on a separate server from the Data Insight Management Console, is a separate license and requires DLP 12.5 or higher to be installed.
- Additional supported platforms for filers: Data Insight 4.5 now supports the monitoring of NetApp Cluster Mode, EMC Isilon, and Windows Server 2012. Table 2-4 in the Data Insight Release Notes covers the supported platforms for DI 4.5.
- Enhanced Reporting with Data Insight: There have been improvements and changes to reporting with the addition of some enhanced reports including:
- Reports based on User Reporting including the ability to track unresolved or migrated SIDs
- Additional charts and statistics to help understand what is happening on the Data Insight server(s) in your environment
- A Health Audit report that runs automatically at 5am that helps you and Symantec Support (if needed) understand any issues in the Data Insight environment.
- Enhanced data owner computation: Data Insight can calculate the the owner of a file and then populate that within the DLP console. In DI 4.5 we can exclude deleted or disabled users (or their SID) when calculating the actual Data Owner. However if you would like to still display this you can show it on the Inferred Owner report.
- Data Insight now provides an API specification for the Data Insight Query Language (DQL): The DQL provides a way to extract and interface with Data Insight data. This is now available vian an API so you can integrate with 3rd party applications.