Installer Guides

SMB

Connecting SMB on-prem and Azure SMB File Shares to LightBeam

Overview

LightBeam Spectra users can connect various data sources to the LightBeam application and these data sources will be continuously monitored for PII, PHI data. Azure File Shares can be connected to LightBeam using SMB protocol. To learn more, see Appendix.

Example: SMB, MySQL, PostgreSQL, etc.

Connecting SMB Data Source

  1. Login to your LightBeam Instance.

  2. Click on DATASOURCES on the Top Navigation Bar.

  3. Click on “Add a data source”.

Figure 1. LightBeam SMB - Add Data Source

  1. Search for “SMB”.

Figure 2. LightBeam SMB - Search for SMB

  1. Click on SMB Server.

Figure 2.1 SMB

  1. Fill in the requested information and click on Next.

Basic Information

  • Data Source Name: This is the unique name given to the data source.

  • Description: This is an optional field needed to describe the use of this data source.

  • Primary Owner: An email address of who is responsible for this data source and in case of alerts this email ID will get alerts by default.

  • Entity Creation: LightBeam Spectra detects and associates attributes based on the context and identifies whose data it is; these are called as entities. Example: Jane Doe is an entity for whom LightBeam Spectra might have detected Name and SSN in a monitored data source.

  • Location: The location of the data source is indicated here.

  • Purpose: The purpose of why the data is being collected/processed.

  • Stage: The stage of the data source. Example: Source, Processing, Archival, etc.

Figure 3. LightBeam SMB - Basic Information

Datasource Configuration

Provide the credentials as shown below

.

Figure 4.1 LightBeam SMB - Scan All Members

  • User Name: Provide the SMB share domain or local username.

  • Password: Provide the password for the user.

  • Domain: Provide the domain for the User Name if any.

  • URL: Provide the IP address of the file server.

Enter the SMB share names in Input Share and click on “Add” .

(Note: Please ensure netlogon service is running on the SMB sever using command net start netlogon )

Verify that you get the message “Validation Success” on the screen.

Click on Save.

Now we are ready to connect to the test database and proceed.

Scanning specific directory

Scanning specific sub directory within SMB share

Use the following syntax to scan a sub directory from SMB share.

Example share name is C and path containing the files to scan is /Data/Sample PII data use the following syntax

Appendix:

Azure File Share Integration

Azure File Shares can be connected to LightBeam using SMB protocol. This section details the specific steps for Azure implementations.

The Azure portal provides a PowerShell script that you can use to mount your file share directly to a host using the storage account key. Unless you're mounting the file share using identity-based authentication, we recommend using this provided script.

Azure-Specific Prerequisites

  • Azure storage account

  • Azure file share

  • Appropriate Azure permissions

Connection Process for Azure File Shares

1. Obtain Connection Information

  1. Sign in to the Azure portal.

  2. Navigate to the storage account that contains the file share you'd like to mount.

  3. Select File shares.

  4. Select the file share you'd like to mount.

  5. Select Connect.

  6. Select the drive letter to mount the share to.

2. Configuration Details

From the script use following details for LightBeam SMB datasource configuration:

username=<storage-account-name>
password=<storage-account-key>
domain=N/A
URL=<storage-account-name>.file.core.windows.net/<share-name>

Copy over the script in notepad locally to preserve the credentials.

3. Additional Considerations

  • Save the PowerShell script locally for future reference

  • Keep storage account credentials secure

  • Consider using identity-based authentication for enhanced security

About LightBeam

LightBeam automates Privacy, Security, and AI Governance, so businesses can accelerate their growth in new markets. Leveraging generative AI, LightBeam has rapidly gained customers’ trust by pioneering a unique privacy-centric and automation-first approach to security. Unlike siloed solutions, LightBeam ties together sensitive data cataloging, control, and compliance across structured and unstructured data applications providing 360-visibility, redaction, self-service DSRs, and automated ROPA reporting ensuring ultimate protection against ransomware and accidental exposures while meeting data privacy obligations efficiently. LightBeam is on a mission to create a secure privacy-first world helping customers automate compliance against a patchwork of existing and emerging regulations.

For any questions or suggestions, please get in touch with us at: [email protected].

PreviousBoxNextCRM

Last updated