7: Data Governance

 

 

 

  • Lesson Overview

    A review of data governance and how to keep sensitive data from being sent to unauthorized technologies.

    Transcription

    Hello, my name is Alex Brent and welcome to this video on insight and privacy. In this video we will take a look at data governance and how to keep sensitive data from being sent to unauthorized technologies. So let's take a look. You can access the Data Governance section of the gateway by either clicking on the gateway name or by clicking on the menu to the right and clicking Edit. The Data Governance section can then be found on the menu to the left.

    Enabling a Data Governance policy will prevent requests to unapproved domains that match the data pattern specified here. The first setting here will simply turn the Data Governance check on or off. Next you can specify what happens when a pattern is matched. If any data pattern is found to be a match, selecting Blocking will block the entire request and not allow any information to be transmitted. Selecting Masking will replace that data with a string of tilde keys and allow the request to go through.

    Redaction strips out the suspect data and allows the request to be transmitted. We have a set of commonly used patterns available for use. The initial one here is an email address pattern and you can simply turn this on or off. We have a group of North American patterns available for use and soon other common data sets will be available for European countries.

    You also have the ability to specify your own data patterns using a custom regex pattern box. If you are not comfortable with creating your own regex patterns, then you can always contact us and we will put this in place for you.

    Here I am adding in a custom pattern that will look for credit or debit card numbers. This is a simple piece of regex that can be added into the regex formula box here. If the number starts with a three, four or five, then has naught to 915 more times, making the entire pattern 16 numbers, then we are going to assume that this is a credit or debit card.

    Here is an example of the credit card check I've just put in place. I have sent a credit card number 444-332-2111 to test in a pixel. You can see here that the system has masked the data and replaced it with the tilter key pattern. We also offer the ability to bypass the data filter for specific domains. Here you can toggle which domains you would like the data to be sent to, regardless of the data patterns above.

    If Toggled on, all data will be sent to the Toggle domains regardless of what they contain. This would be useful for any sensitive data that you might need to pass to a specific technology in order to maintain site functionality such as an email address or phone number. Here I have set my demo site to be a trusted domain and triggered the same credit card pattern as before. You can see that this time the pattern was allowed to go through because I have set my domain to be a trusted domain in the settings.

    Be sure to save your configuration when you're done by clicking the Save button.

    Thank you for watching this video on the Data Governance settings in the Privacy gateway. In the next video, we will take a look at the notification setup, what each part means, and the setup that will allow you to get the best out of the automated monitoring. Until then, thanks for watching.