PKWARE offers the only data discovery and protection solution that locates and secures sensitive data to minimize organizational risks and costs, regardless of device or environment. Our ultra-efficient, scalable software is simple to use on a broad range of data types and repositories, enabling precise, automated visibility and control of personal data, even in the fastest-moving, most complex IT environments. With more than 1,200 customers, including many of the world’s largest financial institutions, retailers, healthcare organizations, and government agencies, PKWARE continues to innovate as an award-winning global leader in data discovery, security, and compliance.
Where Sensitive Data Resides
Personal data is everywhere: on-premises and in the cloud, from file servers and databases to data warehouses and data lakes, to individual desktops and endpoints. Data is also shared among employees and partners, which means the same personal information may be stored in multiple repositories. Finding personal and sensitive data quickly, accurately, and completely is often more difficult than it appears.
Companies today gather so much data that it is virtually impossible to understand what sensitive data is in their possession without the help of an automated discovery solution. PKWARE and Dataguise have joined together to offer:
Extensive Platform Support
Supported discovery for the most widely used data repositories.
Run discovery scans continuously or scheduled at specific dates and times for different processes.
Execute Retention Policies
Create rules to classify, archive, delete, or move data based on data type, last accessed, age, and more.
Discover on high volumes and/or high velocities of data.
Find information that may be semantically ambiguous using context and machine learning.
Uncover Hidden Data
Ensure sensitive data is continually identified as more data is amassed.
Locate identifiers, pseudo-identifiers, and quasi-identifiers.
Context of Error
Minimize false-positives andeliminate false-negatives.
Scan for pre-defined or unique sensitive types, and collect unique counts of impacted identifiers for breach reporting
Fast And Simple Set-Up
No extensive integration or professional services work required to get started. PK Discovery doesn’t require a single line of code, and can deliver fine-grained and aggregated optics into what sensitive data you have and where it resides in minutes.
Knowing where data resides is a start. PK Discovery can find information stored on file servers, big data repositories, databases, endpoint devices, and across the enterprise. It then integrates with additional capabilities to encrypt, mask, redact, or otherwise remediate sensitive information.
Continuously monitor endpoints, servers, and enterprise solutions for sensitive information. PK Discovery initiates regular scanning based on your organization’s definition of sensitive data. If the data fits a defined pattern, the system can automatically initiate the next steps.
Of Sensitive Data
Fully utilized data is an enterprise’s most valuable asset. But data without protection becomes a liability. Masking personal, confidential, or otherwise sensitive information allows data to be desensitized or protected while still remaining usable by business teams. It’s a straightforward concept, but businesses have to consider certain complexities and subtleties to ensure their masked data remains fit for purpose.
For data-driven enterprises, data needs to be available and accessible, making masking the ideal solution for data protection. PK Masking, powered by Dataguise technology, offers:
Irreversibly protect data within the database from being revealed and misused.
Add masking and access controls to data only when it’s queried for use.
Permanently remove sensitive information as soon as it appears in files or images.
Including character-level, custom value, format-preserving, redaction, and more. Customize additional options for unique use cases.
Mask data in full or in part and keep it discoverable for audit purposes.
Change identifiable details with pseudonymization and anonymization.
Maintain Cross-Source Consistency And Persistence
Sensitive data may reside in multiple, disparate databases across your organization. PK Masking helps maintain control of sensitive data by masking it consistently across data stores. Our static masking can keep the data masked at rest while our dynamic masking only masks data when in use.
Copy production databases for non-production use quickly and easily. PK Masking automatically masks sensitive data in a DBMS, helping you fully leverage the entire data set for more accurate and meaningful insight and measurement.
Mask or encrypt one or more sensitive columns or elements in analytics systems such as Hadoop, Teradata, or Snowflake to enable safe analytics. Original values are only decrypted and visible for authorized users.
Points Of Failure
With no linkage between the original data and the masked data, our static masking ensures that there is no possibility of retrieving the original sensitive data from the masked values. This eliminates points of failure when protecting personal or sensitive data with masking.
Identities And Related Data
Today, businesses are required to stay on top of the privacy rights of hundreds of thousands—perhaps even millions—of individuals protected by multiple regulations. Meeting these requirements for privacy starts with understanding the variables and makeup of your different data subject groups relevant to each regulatory restriction. With PK Privacy, organizations have the methodologies, tools, and techniques to achieve required and acceptable levels of privacy.
Access Requests (DSAR)
Automate the DSAR response process to meet requirements faster and on budget.
Discovering sensitive data is at the root of meeting privacy requirements.
to be Forgotten
Create rules that will erase, mask, or encrypt sensitive data as soon as it is found.
Enable pseudonymization, anonymization, and de-identification of private personal data.
Integrate our right-to-know discovery and right-to-erasure protection with your existing privacy management solution or IT service management.
Scan datasets to find data that can and/or should legally be archived or deleted due to age or lack of use.
Detect and confirm breaches with monitoring, then accurately estimate and report on the breach’s impact.
Built For Privacy
Not all discovery solutions can perform efficient right-to-know or data subject access requests. PKWARE provides a right-to-know discovery solution that indexes identities and the data about those identities. PK Privacy finds information across your enterprise with data stored on file servers, big data repositories, databases, endpoint devices, and across the enterprise.
Knowing where data resides is only the starting point. Organizations must also provide right-to-erasure or right-to-be-forgotten rules. Once PK Privacy discovers data, it can automatically encrypt, mask, redact, delete, or otherwise remediate personal information as requested.
Continuously monitor endpoints, servers, and enterprise solutions for privacy data so that when it’s time to respond to a DSAR, policies can be easily followed. If the data fits a defined pattern, the system can automatically initiate the next steps.
Files And Data
If data is the new currency for businesses, then protecting it is paramount to protecting the organizations using it. With PK Encryption, powered by the merger of Dataguise and PKWARE technologies, businesses can encrypt files and databases, as well as data that is being transmitted, by converting usable data into an unreadable form and providing decryption to those with proper access to reverse the process.
Redefine enterprise data protection with complete administrative control for finding and protecting sensitive data wherever it is stored. PK Encryption protects your business from financial and reputational damage while adding confidence that sensitive information is secure.
Apply protection to the data itself for hundreds of file types so sensitive information stays encrypted no matter where it is stored, shared, or copied.
Encrypt data while preserving the formatting and length of the original data.
Protect data at rest on enterprise servers and automatically encrypt/decrypt as data is read/written across the network.
Encrypt the data while it’s in motion, especially for migration or an ETL process.
Invoke discovery processes that automate encryption workflows.
Provide mechanisms for decrypting and discovering data that is encrypted from uncontrolled third-party applications.
Automate policy-based encryption for sensitive data in TXT, AVRO, Sequence, RC, ORC, JSON, XML file formats, and more.
Sensitive data remains safe even when it’s sent to users outside the organization.
Encrypt data at endpoints such as laptops, desktops, and mobile devices, as well as in large-scale cloud storage systems, database systems, and file servers.
Encrypt sensitive elements in unstructured files and cloud storage objects, and sensitive columns in databases and structured files.
Seamlessly and securely send end-to-end encrypted emails internally and externally while preserving user workflows.
Leveraged Crypto Hardware
Extend IBM Pervasive Encryption® and leverage IBM CPACF, zIIP and zEDC for IBM Z and FIPS-140 compliant PCIe3 Crypto Coprocessor for IBM I.
Easy To Implement
With no endpoint software required, PK Encryption quickly secures files and data without application changes, additional infrastructure, or professional services. And it does all this without disrupting existing workflows.
Or Transparent Data
There’s more than one way to encrypt data, and the method for each use case depends heavily on where and when both encryption and decryption need to happen. PK Encryption empowers both persistent encryption that applies protection directly to the data and transparent data encryption for protecting stored data on enterprise servers.
Two Points Of View
Encrypt both structured and unstructured data in ways that leave it usable for both protection and analytics. Both types of encryption are available on files, databases, on-premises and cloud object stores, all major cloud players, relational databases, file shares, Hadoop, and more.
If a sender is authorized to transmit sensitive information but forgets to encrypt it beforehand, PK Encryption will not re-route or block. Instead, smart technology encrypts the message for the recipient using a public key or unique Smartkey, limiting the opportunity for data loss prevention.