Skip to main content

Sensitive data governance

Many organizations have implemented data governance policies to protect sensitive data such as Social Security Numbers, credit card numbers or bank account numbers against unauthorized access, use, or disclosure.  You can use Striim’s sensitive data governance features, powered by Striim AI, to discover and handle sensitive data in your Striim applications in accordance with your business policies. Striim AI to detect sensitive data in its input data stream. Striim AI uses a combination of classification algorithms, pattern matching, and analysis of the data and the metadata, including the field names, to identify sensitive information. The accuracy of detection can depend on the AI engines that you use for Sentinel, and the AI engines may sometimes misclassify information.

Striim offers two data governance features, both powered by Striim AI: 

  • Sherlock AI enable you to discover sensitive data that may flow into your Striim applications from your configured sources. Sherlock is typically used at design-time. You can run Sherlock on any application that contains a source without having to modify the application.

  • Sentinel AI is a run-time feature for real-time sensitive detection and protection. You can place the Sherlock component in your application and it can detect sensitive data flowing through it and take take protective actions such as masking or encrypting the sensitive data before it flows downstream.

Types of data supported by Sherlock AI and Sentinel AI

Both Sherlock AI and Sentinel AI can process data from sources that are supported by Striim if the sensitive information spans the entire content of the column or field that it is located in. Sherlock AI and Sentinel AI do not currently support the detection of sensitive information in free-form text where only a certain part or parts of the textual content are sensitive.  Additionally, Sherlock AI and Sentinel AI do not support binary data sources such as image, movie, audio, PDF or application files, or binary data types such as BLOB (Binary Large Object).

Sensitive data supported by Sherlock AI and Sentinel AI

For a list of sensitive data types supported by Sherlock AI and Sentinel AI, see Sensitive Data Identifiers.

Best practice recommendations

Striim recommends provisioning adequate resources for Striim AI features - at least one additional cluster node - to ensure that the performance of your Striim applications is not adversely impacted.

Limitations

AI features are not always accurate or error-free, and you acknowledge and agree that Striim AI (including Sherlock AI and Sentinel AI) may not properly detect, classify or encrypt, mask or otherwise protect all sensitive and other targeted information.