DataPatrol Framework: A data protection solution

Overview

Organizations often need help automatically detecting the growing list of sensitive data types and need more visibility into data security risks, especially when ingesting unstructured data. It is critical to identify and protect the sensitive data collected from any unauthorized disclosure, and it is the responsibility of every organization to effectively discover, control and manage their sensitive data footprints and comply with all relevant data protection laws and regulations.

Customers are relying on fully managed data security services that will automate protection against sensitive data leaks and leverage the capabilities of machine learning and pattern-matching techniques to swiftly address these limitations.

HCLTech’s DataPatrol Framework leverages native AWS services to provide end-to-end automation, from scanning the sensitive data at the point of ingestion to dashboarding key insights for business consumption. This ML-powered framework can seamlessly detect several identified and custom sensitive data types catering to any industry, supporting PII protection and strictly adhering to data privacy, compliance and regulatory needs such as GDPR, PCI-DSS and HIPAA. It can support unstructured data and be plugged into any layer that requires sensitive data discovery for the underlying raw source data.

Features

The DataPatrol Framework comprises the following key features, each with several interesting capabilities that are crucial for building a robust and complete data patrolling solution.

Sensitive data discovery

Fully managed, updated machine learning techniques for PII detection and the ability to define and use custom datatypes using regular expressions have proven to deliver quality discovery of a variety of sensitive datatypes from customers' source data

Secure data isolation and encryption

This feature will assist in the effective isolation of highly sensitive data files right at the ingestion layer itself and prevent further leakage to downstream systems

Severity-based email alerts

Based on the Amazon EventBridge events, this workflow automatically triggers the Amazon SNS service to send custom email notifications to its subscribed users containing critical details on the sensitive data file location along with its severity level warnings (High/Medium/Low)

Audit and compliance reports

A consolidated DataPatrol report for each patrolling job will be auto-downloaded to a customer-specified location for quick review and action on the findings

Centralized management of sensitive data findings

Integration with AWS Security Hub provides a comprehensive vision and security findings management strategy to aggregate and analyze all highly sensitive data findings from a single window stored as a standard AWS Security Finding Format (ASFF) for further processing

Incident reporting and management

HCLTech's Data Patrol Framework is fully integrated with HCLTech's iONA (iAct) solution to auto-create incidents in the ServiceNow tool for every high-severity detection and assign them to the appropriate user group for further review and action

DataPatrol dashboard

It is fully capable of delivering pre-built ML-driven insights with auto-narratives that are embedded contextually in the dashboard using natural language for quick interpretation

Benefits

DataPatrol's architecture leverages native AWS Services for sensitive data discovery and analytics.

Automated discovery

Fully managed, updated machine learning techniques for PII, PHI, PCI detection and the ability to define and use custom datatypes

Centralized management of sensitive data

Integration with AWS Security Hub provides a comprehensive single view of security findings stored as a standard AWS Security Finding Format (ASFF) for further processing