Leveraging LightBeam insights for structured data sources

Overview

When a structured data source is onboarded, LightBeam scans will create an inventory of the databases, tables and columns in that data source. The list will also include classification of those columns and tables to indicate if they have sensitive data or not. This visibility into the databases and the ability to pinpoint the location of sensitive data is a significant advancement to any data security and privacy officer.

LightBeam scans the databases frequently to check for any schema changes and addition/deletion of tables and columns. This article will help you in reviewing LightBeam scan results for a structured data source.

Helpful tips for the process:

• Whenever a new column or table is scanned and added to the inventory, they are tagged as “New”. A database admin or data officer can then review and approve the change.

• Every column will have a name and some samples of data. These are helpful in reviewing column classification.

Reviewing sensitive columns after the first scan

After the first scan is completed, all the tables and columns in the data source are tagged as “New” and available for review.

You can navigate to Tables & Columns of the data source and filter by clicking the “Sensitive” button. This will provide a list of all tables which have been detected to have sensitive data.

Next you can click on specific tables of the database and click on the checkbox to only show columns with PII. After reviewing all the columns and verifying if they have sensitive data, you can mark the table as reviewed by clicking the “Action” button.

Voila! You have now verified the column classification for a table in a database. Similarly, you can review other tables and databases as well.

Updating LightBeam classification

In the situation where column classification for a table needs to be updated, click on “Column classification” and perform the following:

• To change the attribute type of a column - select the correct attribute type from the dropdown and Save.

• To mark the column as not having sensitive data - change the toggle switch for “Marked as sensitive”. This will mark the column as not having sensitive data.

Review sensitive columns when there are any updates in a Data source

Although changes in a database are not very common, when they do take place, LightBeam will identify any updates in Tables or Columns. Any new tables or columns that are detected will be tagged as “New” and depending on the content in the columns, they will be classified as having sensitive data or not.

New tables and columns can be identified with either the “New” tag against them or they can be filtered by clicking on the “Need review” button.

The review process for such tables and columns is the same as described in earlier sections.

Reviewing multiple Tables and Columns

It may not be possible to review every table and column in a database manually. For such scenarios, bulk review and re-classification operations can be performed.

Review an entire table or a group of tables

Select multiple tables in the “Tables and Columns” list and mark them as reviewed. All columns in those databases are marked as reviewed as well.

Review multiple tables from different databases

Change your view by updating to “View columns” and then select columns from the list to review. Under the “Actions” button, mark the columns as reviewed.

Note that you can also use the search bar to filter columns based on keywords.

When do you need bulk reclassification?

If you want to update the classification of multiple columns to the same attribute type, use the “Bulk Reclassify” option on the selected columns.

An example of a scenario where bulk reclassification is helpful is if you wanted to update multiple columns with “First Name” to “Name”.

Reviewing non-sensitive columns

In a data source, there may be databases which do not have any tables with sensitive information. Additionally, a table may have some columns which do not have sensitive information. You can review such tables and columns and if needed update their classification.

Reviewing maybe PII columns

There may be columns where the scan insights may not be conclusive enough to classify them as having sensitive data. Such columns are classified to their closest match. These can also be filtered using “Maybe PII”. You can review these columns and depending on the scenario perform the following operations:

• You want to confirm Maybe PII results selectively - click confirm next to the Attribute column and Save.

• You want to update a Maybe PII results to non-sensitive - change the toggle switch for “Marked as sensitive”. This will mark the column as not having sensitive data.

• You want to update a Maybe PII result to a different attribute - select the correct attribute type from the dropdown and Save.

• You want to update multiple Maybe PII results to non-sensitive - Apply MaybePII filter and select all or some columns. Click on “Bulk Reclassify” from the “Actions” dropdown. Without selecting any attribute, click on “Reclassify”.