Privacy
Introduction
The DBC platform provides a graphical web management interface for all components available to the user. This reference guide describes the menus and options associated with the Privacy and Compliance functions in the DBC platform web management interface.
Organization of the Manual
This manual contains the following chapters and appendix:
- GDPR
  This chapter covers the GDPR menu. It describes how to generate, view and process GDPR Compliance data.
- Data Classifier
  This chapter describes the Data Classifier menu. It describes how to generate, view and process the data.
- APPENDIX A - Glossary
  This appendix defines the technical terms in this manual.
Changes in This Revision
- Added GDPR/PII Classifier feature to Compliance product.
GDPR Menu
This chapter describes the options in the GDPR menu.
GDPR Summary Page
Path: Discovery > GDPR
The GDPR classifier should automatically start running when you first select that option. The first time the classifier runs it can take an hour or more to process, depending on the number of statements in the system. Once the classifier has completed the first pass it will continuously update every 10 minutes.
Once the GDPR classifier has run to completion, the GDPR summary screen will appear.
The GDPR summary page allows the user to access GDPR findings, quantified by services, connections, and SQL statements found to be processing personal data.
On the top right side of the summary page, the user can hover over the matches section to see how many connections were matched.
At the bottom of the summary page, the user can view or select the top services paired by matches, by connections, and by SQL statements.
Toggling GDPR Views
On the GDPR summary page, in the toolbar on the right side of the page, the user can toggle the views of the services listed at the bottom of the page.
The user can toggle between viewing the top services paired and viewing the services individually.
By toggling to look at statements individually, the user can sort the statements by column in ascending or descending order.
Columns in the toggled Service Name page
Column | Description |
---|---|
Service Name | Name of the service as it was discovered. |
Service IP | IP address that the service is using. |
Dialect | Database dialect the service is using. |
Matches | Related terms that the statements are grouped by. |
Connections | Number of distinct connected statements in the service. |
SQL | Number of distinct SQL statements within the Connection statement. |
GDPR Service Drill Down
The user can drill down to access detailed information about the SQL statements by selecting a service in the bottom of the summary page.
GDPR Services
Selecting a service displays a new summary page about the indicated service.
Columns in the Connection Statement page
Column | Description |
---|---|
Connection IP | IP address that the connection is using. |
User Name | User name that the connection statement is using. |
Matches | Related terms that the statements are grouped by. |
SQL | Number of distinct SQL statements within the Connection statement. |
GDPR Connection Statements
Selecting one of the connection statements allows the user to drill down further and access more pertinent information. Drilling down from services leads the user to the Connection Statements summary page.
The user can list statements individually or group them by connection statement.
GDPR SQL Statements
Drilling down further from the Connection Statements summary page leads the user to the SQL Statement summary page.
The SQL Statements page is the deepest level the user can drill down to; it summarizes the information according to which statements were matched.
At this level, the user can move between statements using the arrows on the right-hand side.
To navigate between the levels, the user can select which level to view from the tree level toolbar.
Excluding Statements from GDPR Report
At any of the levels, the user can also exclude certain statements or services from the GDPR results using the toolbar on the right-hand side. This feature is intended for development or test environments.
GDPR Classifier
The GDPR function needs to be updated after new data has been processed by the system or configuration changes have been made. Click the icon to run the GDPR classifier and recalculate the data.
While the Classifier is running, the icon changes to a different icon.
Once the Classifier is done recalculating, it reverts to the original icon.
User-Defined GDPR Terms
Path: Discovery > GDPR > User-Defined Terms
By selecting the icon on the far right-hand side of the GDPR summary page, the user can select the User-Defined Terms option from the dropdown menu to access the terms associated with the GDPR.
You can add terms (letter groupings, words, or phrases) for the classifier to identify while it runs.
To add a new term, select Add Term.
Then, select the appropriate option for the new term.
Add New Abbreviation or SQL Identifier to GDPR Classifier
Selecting Add New Abbreviation or SQL Identifier tells the Classifier to look directly in the SQL statements for matches.
First, enter the exact identifier or abbreviation for the Classifier to find in the first dialog box, then add a description of the kind of information the term is associated with.
Add New Word, Phrase, or Concept to GDPR Classifier
Adding a new word, phrase, or concept as a new term tells the Classifier to look only at the description of the term and match it against the statements, rather than looking directly into the SQL statements themselves. This gives the Classifier more flexibility to match terms broadly across the databases instead of requiring exact matches in the SQL statements.
When finished adding the term description, select Add Term.
GDPR Excluded Services
Path: Discovery > GDPR > Excluded Services
Directly under the User-Defined Terms option is the Excluded Services option. This path shows the services that are excluded from your results.
Excluded Services lets you exclude services while the classifier runs. Use it to test certain services as an experiment, or to leave out services that you don't want counted in the classifier. You can also exclude services to get a fine-detailed look at certain databases and services within your network.
By following the designated pathway, you should come to an empty screen, similar to the following:
Excluding a Service from GDPR Report
This view is where you go to view your excluded results. To exclude a result, return to the GDPR summary page and select the service that you want to exclude.
Then, in the top right-hand corner, click the icon.
The following message will appear:
Click Exclude.
Following the designated pathway again, Discovery > GDPR > Excluded Services, you will now see the service you just excluded from results.
Re-Add a GDPR Service
To add the service back into your results, click the icon on the left side of the service, then click Include Service.
Click Include. The service will then be included in your classifier results again.
Data Classifier Menu
This chapter describes the options in the Data Classifier menu.
Data Classifier Summary Page
Path: Discovery > Data Classifier
The Data Classifier should automatically start running when you first select that option. The first time the classifier runs it can take an hour or more to process, depending on the number of statements in the system. Once the classifier has completed the first pass it will continuously update every 10 minutes.
Once the classifier has run to completion, the Data Classifier summary screen will appear.
The summary page allows the user to access the data classifier findings, quantified by services, connections, and SQL statements found to be processing personal data.
On the top right side of the summary page, the user can hover over the matches section to see how many connections were matched.
At the bottom of the summary page, the user can view or select the top services paired by matches, by connections, and by SQL statements.
Toggling Data Classifier Views
On the Data Classifier summary page, in the toolbar on the right side of the page, the user can toggle the views of the services listed at the bottom of the page.
The user can toggle between viewing the top services paired and viewing the services individually.
By toggling to look at statements individually, the user can sort the statements by column in ascending or descending order.
Columns in the toggled Service Name page
Column | Description |
---|---|
Service Name | Name of the service as it was discovered. |
Service IP | IP address that the service is using. |
Dialect | Database dialect the service is using. |
Matches | Related terms that the statements are grouped by. |
Connections | Number of distinct connected statements in the service. |
SQL | Number of distinct SQL statements within the Connection statement. |
Data Classifier Service Drill Down
The user can drill down to access detailed information about the SQL statements by selecting a service in the bottom of the summary page.
Data Classifier Services
Selecting a service displays a new summary page about the indicated service.
Columns in the Connection Statement page
Column | Description |
---|---|
Connection IP | IP address that the connection is using. |
User Name | User name that the connection statement is using. |
Matches | Related terms that the statements are grouped by. |
SQL | Number of distinct SQL statements within the Connection statement. |
Data Classifier Connection Statements
Selecting one of the connection statements allows the user to drill down further and access more pertinent information. Drilling down from services leads the user to the Connection Statements summary page.
The user can list statements individually or group them by connection statement.
Data Classifier SQL Statements
Drilling down further from the Connection Statements summary page leads the user to the SQL Statement summary page.
The SQL Statements page is the deepest level the user can drill down to; it summarizes the information according to which statements were matched.
At this level, the user can move between statements using the arrows on the right-hand side.
To navigate between the levels, the user can select which level to view from the tree level toolbar.
Excluding Statements from Data Classifier
At any of the levels, the user can also exclude certain statements or services from the Data Classifier results using the toolbar on the right-hand side. This feature is intended for development or test environments.
Data Classifier Process
The Data Classifier function needs to be updated after new data has been processed by the system or configuration changes have been made. Click the icon to run the Data Classifier and recalculate the data.
While the Classifier is running, the icon changes to a different icon.
Once the Classifier is done recalculating, it reverts to the original icon.
User-Defined Terms for Data Classifier
Path: Discovery > Data Classifier > User-Defined Terms
By selecting the icon on the far right-hand side of the Data Classifier summary page, the user can select the User-Defined Terms option from the dropdown menu to access the terms associated with the Data Classifier.
You can add terms (letter groupings, words, or phrases) for the classifier to identify while it runs.
To add a new term, select Add Term.
Then, select the appropriate option for the new term.
Add New Abbreviation or SQL Identifier to Data Classifier
Selecting Add New Abbreviation or SQL Identifier tells the Classifier to look directly in the SQL statements for matches.
First, enter the exact identifier or abbreviation for the Classifier to find in the first dialog box, then add a description of the kind of information the term is associated with.
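The exact-identifier matching described here and in the GDPR chapter, combined with the Matches / Connections / SQL roll-up and service exclusion, can be sketched as follows. This is an added example, not DB CyberTech code; the whole-token, case-insensitive matching rule, all function names, and the sample terms and statements are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed user-defined terms: exact identifier -> description (hypothetical).
TERMS = {"ssn": "Social security number", "dob": "Date of birth", "email_addr": "E-mail address"}

# Constructed observations: (service name, connection IP, user name, SQL text).
OBSERVED = [
    ("hr-db", "10.0.0.5", "app", "SELECT ssn, dob FROM employees WHERE id = ?"),
    ("hr-db", "10.0.0.5", "app", "SELECT ssn, dob FROM employees WHERE id = ?"),
    ("hr-db", "10.0.0.9", "report", "SELECT email_addr FROM employees"),
    ("hr-db", "10.0.0.9", "report", "SELECT title FROM lessons"),
    ("test-db", "10.0.0.7", "dev", "SELECT ssn FROM fixtures"),
]

IDENT = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")

def match_terms(sql, terms):
    """Return the user-defined identifiers that occur as whole tokens in sql.
    Assumption: whole-token match, so 'ssn' does not match 'lessons'."""
    tokens = {t.lower() for t in IDENT.findall(sql)}
    return tokens & {t.lower() for t in terms}

def summarize(observed, terms, excluded=()):
    """Per service: matched terms, distinct connections, distinct SQL statements."""
    rows = defaultdict(lambda: {"matches": set(), "connections": set(), "sql": set()})
    for service, ip, user, sql in observed:
        if service in excluded:      # excluded services never reach the report
            continue
        hits = match_terms(sql, terms)
        if not hits:                 # statements with no matching term are not counted
            continue
        row = rows[service]
        row["matches"] |= hits
        row["connections"].add((ip, user))
        row["sql"].add(sql)
    return {s: {"matches": sorted(r["matches"]),
                "connections": len(r["connections"]),
                "sql": len(r["sql"])} for s, r in rows.items()}

if __name__ == "__main__":
    for service, row in summarize(OBSERVED, TERMS, excluded={"test-db"}).items():
        print(service, row)
```

Comparing the output with and without `excluded` shows what an exclusion hides from the report, which is worth checking before treating a summary as complete.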
Add New Word, Phrase, or Concept to Data Classifier
Adding a new word, phrase, or concept as a new term tells the Classifier to look only at the description of the term and match it against the statements, rather than looking directly into the SQL statements themselves. This gives the Classifier more flexibility to match terms broadly across the databases instead of requiring exact matches in the SQL statements.
When finished adding the term description, select Add Term.
Excluded Services from Data Classifier
Path: Discovery > Data Classifier > Excluded Services
Directly under the User-Defined Terms option is the Excluded Services option. This path shows the services that are excluded from your results.
Excluded Services lets you exclude services while the classifier runs. Use it to test certain services as an experiment, or to leave out services that you don't want counted in the classifier. You can also exclude services to get a fine-detailed look at certain databases and services within your network.
By following the designated pathway, you should come to an empty screen, similar to the following:
Excluding a Service from the Data Classifier
This view is where you go to view your excluded results. To exclude a result, return to the GDPR summary page and select the service that you want to exclude.
Then, in the top right-hand corner, click the icon.
The following message will appear:
Click Exclude.
Following the designated pathway again, Discovery > Data Classifier > Excluded Services, you will now see the service you just excluded from results.
Re-Add a Service to the Data Classifier
To add the service back into your results, click the icon on the left side of the service, then click Include Service.
Click Include. The service will then be included in your classifier results again.
Contact Technical Support
For any technical difficulties you may experience, you can contact DB CyberTech Technical Support at the following:
Email: [email protected]
Phone: 1(800) 375-0592
Glossary
Term | Definition |
---|---|
API | Application Programming Interface. A set of routines, protocols, and tools for building software applications. |
Blacklisted statements | Statements that are not added to the learned set. Typically, these statements are used to filter out benign statements generated by DBAs or other non-application related interactions. |
BPF | Berkeley Packet Filter. An architecture for user-level packet capture. BPF provides a raw interface to data link layers in a protocol-independent fashion. |
CAC | A "smart" card about the size of a credit card used as identification for active duty uniformed service personnel, Selected Reserve, DoD civilian employees, and eligible contractor personnel. |
CSV | Comma-separated value. Data format where each piece of data is separated by a comma. |
DHCP | Dynamic Host Configuration Protocol. A standardized network protocol used on Internet Protocol networks to dynamically distribute network configuration parameters, such as IP addresses, for interfaces and services. With DHCP, computing devices like your DBC platform request IP addresses and networking parameters automatically from a DHCP server, reducing the need to configure these settings manually. |
DNS | Domain Name System. A hierarchical decentralized naming system for computers, services, or any resource connected to the Internet or a private network. DNS translates domain names into the numerical IP addresses to locate and identify computer services and devices with the underlying network protocols. |
LDAP | Lightweight Directory Access Protocol. A protocol for accessing a directory listing in a TCP/IP network. It is a sibling protocol to HTTP and FTP and uses the ldap:// prefix in its URL. |
Learned set | Contains statements considered to be part of the application’s normal behavior. |
MAC | Media Access Control. A hardware address that uniquely identifies each node of a network. |
MTU | Maximum Transmission Unit. The largest physical packet size measured in bytes that a network can transmit. Any messages larger than the MTU are divided into smaller packets before being sent. |
Network File System | A client/server application that allows network users to access shared files stored on computers of different types using a Virtual File System that runs on top of TCP/IP. |
NTP | Network Time Protocol. A networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. |
pcap | Short for packet capture. A program for capturing network traffic. |
Server Message Block | A message format used by Windows to share files, directories, and devices. |
SSL | Secure Sockets Layer. A protocol for transmitting private documents via the Internet. SSL uses a cryptographic system that uses two keys to encrypt data. |
DB CyberTech
15015 Avenue of Science
Suite 150
San Diego, CA 92128
http://www.dbcybertech.com