Getting your sensitive data under control doesn’t have to be complicated, time-consuming or costly. In fact, there’s a lot you can do with ALTR’s free plan to know, control, and protect sensitive data quickly so you can move on to more value-adding activities. ALTR lets you see who’s using what data, when, and how much. Within minutes, you can quickly classify data, apply controls, and generate alerts, even block access. Don’t believe me? Let’s review five things you can do in an hour with ALTR.
- Automatically classify your data
- View every query your data
- Set masking policies
- Block access
- Receive alerts on anomalies
1. Classify your data
Before you can govern private data, you need to know which data is sensitive.
First, let’s assume you’ve already set-up your ATLR SaaS platform account and have logged in. To classify your data, all you need to do next is connect one of your databases. As you're connecting the database, simply check the option to classify this data. ALTR then categorizes the data and presents a tab for Classification, which is where you can find the data grouped under common data tags.
If you did not classify a database when it was first connected, you can go back later to classify it. Just click the name of the database from within the ALTR screen, select the classify data checkbox, and update your database. In a few minutes, ALTR presents the classification report.
The report shows how data is classified as sensitive. ALTR categorizes the private data into types, such as social security numbers, email addresses, and names. You can use this information to then add controls to any column of data, such as locking or blocking people from access.
You can also allow access, but see every attempt to access the data, known as a query.
2. View every query on classified data
The second way to protect your sensitive data is to use the Query Log function, which lets you know immediately who is trying to do what with your sensitive data. ALTR lists every single query that users executed on your sensitive data: the log includes the exact query and who created it. All of this information is collected in one place, allowing you to filter the queries so you can see immediately what's happening across your company. After the first 24 hours, ALTR presents a heat map that provides a visualization of the activity on your sensitive data. The heat map is updated once a day.
3. Set masking policies
When you’re putting a lock on a particular column of data, you can also add a masking policy. With masking, the goal is to give users only the minimal amount of information they need from the data, nothing more, to provide the most protection possible. In real terms, not everyone needs the same level of access to the same data.
For example, a marketing specialist might need a full email address whereas an analyst only wants to know how many people have a specific service like Gmail, so they just need to see the @domain. They don’t need the entire, fully qualified, email address.
Another common masking technique is to only show the last four digits of the social security number to allow a call center employee to verify your SSN—but they don't need access to the whole thing to verify that you are who you say you are. Masking is a simple yet highly effective way to enable functionality without fear of inadvertently showing the digital crown jewels.
4. Block access to sensitive data
ALTR allows you to add thresholds that prevent or allow access to datasets.
To prevent access, you can set the threshold for a Block action when a rule is met. The threshold rule for blocking could be based on access rate, when someone tries to access the data a certain number of times; a time window, like the weekend; or from a range of IP addresses. You can include other parameters such as user groups that the threshold rule applies to.
5. Generate alerts when sensitive data is accessed
Lastly, to protect your sensitive data, you can also set a threshold to Generate Anomaly, which instead of blocking access, grants access, but also sends an alert that lets you know who is accessing the sensitive data. Similar to blocks, you can establish anomaly thresholds based on access rate, time window, and IP address. For example, you may grant access while sending alerts at a certain time, such as during the weekdays when an administrator is on duty, and block access completely during the weekend or at night. ALTR sends alerts whenever someone tries to access the data.
Protect sensitive data in minutes—without code
Regardless of the policy you choose, ALTR allows you to set controls in minutes without code. You can classify sensitive data, block access, or generate alerts as soon as you connect ALTR to your data. Just pick the dataset that you want to and apply the rules. You can do a lot within that first hour. And it just gets better from there.