8.1 Supplemental Use Case – Sensitive Data x Age Analysis
This section outlines a supplemental use case focused on Sensitive Data Cleanup. It may be more efficient to perform sensitive data analysis in conjunction with your organization’s data retention policy. By conducting this analysis at a higher aggregation, specifically at the container level, you can quickly identify a set of containers that are potential candidates for disposition or destruction as they may fall outside the scope of retention policy. This supplemental use case is meant to streamline the approach taken to conduct sensitive data clean-up and monitoring across your organization.
8.2 Process Flow – Sensitive Data x Age Analysis
Step 1 - Configure Custom Date Range Categories (Optional)
Review the current date ranges used for Default Date Range Categories and make sure they align with your data retention policy.
You can set these date ranges by going to SYSTEM > Settings > Default Date Range Categories.
Review KBA on how to configure your custom Date Range Categories:
An additional option is to configure Business Unit specific Date Ranges. This can be useful if a business unit has a specific retention policy that requires a new date range to be specified it. See above KBA’s Business Unit Date Ranges section.
Step 2 - Create Container Report
From the Analyst dashboard, select the required Business Unit, Score Category, and Repository/Host/Geographic Locations to base the report on.
For Privacy Score Category, you may select different nodes depending on the aggregation level you want to analyze at. (Privacy, Direct Identifiers, National Identifier, etc.)
In the Filters section of Report Generator, select the age category (in the example shown below, “Inactive”), and apply the Dates filter. You can utilize the Age Category configured in Step 1 or specify a Custom Date Range.
Select Report Type = Containers, then click on Generate Report.
Step 3 - Export and Analyze
From the Container Report generated, select Export Containers at the bottom to export the list of containers into a CSV file.
The report contains the following columns for object counts:
- Object Count (Column C): total number of objects in the container
- Feature Extracted Object Count (Column E): total number of objects in the container that has any Data Elements
- Scored Object Count (Column F): total number of objects in the container that is responsive to the selected Score Category and any filtering applied
By comparing Object Count (Column C) and Scored Object Count (Column F), you can determine the percentage of objects with sensitive data that fall within the date range selected within the container.
In the below example, a new column was added to the spreadsheet by the user showing the percentage of [Scored Object Count / Object Count] in Column G. Folders with 100% are good first candidates to be reviewed as they may be dispositioned or discarded all together before spending more effort in analyzing individual objects and sensitive data contained within the folder.
After the initial “100%” folders are dispositioned, then you can review the Paths of the remaining folders based upon the above criteria that are below 100%. Those folders may indicate that further review of potentially sensitive data is warranted, and dispositioning of that data can be completed outside ActiveNav in alignment with your organization’s information governance policies and procedures.