Now that EU GDPR has arrived, it is important to understand how to configure groups of criteria to the compliance standards your organization is concerned about most. StealthAUDIT’s Sensitive Data Discovery allows you to identify file content that matches your set criteria. This can be done for keywords or regular expressions, as well as groups of any of those criteria sets.
The configuration for this is found within the Criteria Editor. To get there navigate the Job Tree to the 1-SEEK System Scans job located in Jobs > FileSystem > 0.Collection. Open the Query Properties as shown below:
From here, select SDD Audit Criteria Settings, and then the Edit button to open the Criteria Editor:
Now we can setup our custom Summary Criteria using the Add (+) button in the top left. Here I am setting Summary Criteria by sets specific to EU GDPR, but they can be selected based on other compliance standards like HIPAA, SOX, etc. With the new Summary Criteria selected use the middle window to select which criteria sets should be included:
With the new criteria saved and selected back in the SDD Audit Criteria Settings window, the 1-SEEK System Scans job can be run to include our new criteria. Now StealthAUDIT’s default reports and the Access Information Center will have references to the associated compliance standard we configured aside from only the specific data discovered. I’ve included a few examples of our new data, whatever naming used for the criteria is what is shown as the criteria match:
Don’t miss a post! Subscribe to The Insider Threat Security Blog here:
Jeff is a Senior Engineer at STEALTHbits.