How to Locate Files Containing Sensitive Data

Native Solution vs. Netwrix Data Classification for Windows File Servers
{{ firstError }}
We care about security of your data. Privacy Policy
Native Solution Netwrix Data Classification for Windows File Servers
Native Solution
Netwrix Data Classification for Windows File Servers
Steps

Create a rule to find one type of sensitive data:

  1. Open File Server Resource Manager (FRSM): Go to Server Manager -> Tools -> File Server Resource Manager.
  2. In FRSM, go to Classification Management -> Classification Properties -> Create Local Property.
  3. In the Create Local Classification Property dialog, specify the property Name and choose Yes/No for the Properties type. Click OK.
  4. Go to Classification Management -> Classification Rules -> Create Classification Rule.
  5. In General tab enter the Rule Name
  6. Go to the Scope tab, click Add and choose a directory. Click OK.
  7. Go to the Classification tab. Set Classification Method to Content Classifier and set Property to Credit Card Numbers.
  8. In Parameters section click Configure. For Expression Type, choose Regular Expression and enter the following expression to find MasterCard numbers:  ^(5[1-5][0-9]{14}|2(22[1-9][0-9]{12}|2[3-9][0-9]{13}|[3-6][0-9]{14}|7[0-1][0-9]{13}|720[0-9]{12}))$
  9. Click OK.
  10. Go to the Evaluation Type tab and specify the following:
  • Enable Re-evaluate existing properties values.
  • Select Overwrite the existing values.
  • Check Clear Automatically Classified Properties and Clear User Classified Properties.
How to Locate Files Containing Sensitive Data with FSRM

Then click OK.

Repeat the previous procedure to create classification rules for other types of sensitive data, such as American Express and Visa card numbers, if desired.

Execute the rules:

  1. Open FSRM -> Right-click Classification Rules -> Click Run Classification With All Rules Now.
  2. Under Run Classification, choose whether you want to run classification in the background. Click OK.

Review the results:

When the classification process is finished running, you will get a report on the files that were classified. It will have the sections shown in the table of contents below:

How to Locate Files Containing Sensitive Data with Native Solution

Since we are looking for files with credit card numbers, we’re most interested in the last section, which will look like this:

How to Locate Files Containing Sensitive Data with Native Solution

The instructions below include setting up Netwrix Data Classification from scratch. If you have already set it up, skip to the final part that describes how to review the report.

Set up the taxonomies:

Open Netwrix Data Classification by using the following link in your web browser: http://localhost/conceptQS/. If you are accessing it from a server other than the one it is installed on, replace localhost with the server address (or name).

  1. Click Taxonomies -> Choose Global Settings -> Click Add to create new taxonomy setting.
  2. In the Add dialog, click Load -> Choose PCI DSS from the drop-down list -> Click Add.

Set up the data sources:

  1. Click Sources -> General -> Add.
  2. In the Add dialog, choose the Folder option for file shares.
  3. Go to the Source Configuration tab and specify the following:
  • Click the “+” button next to the Folders field and specify the share address (for example, \\PDC\Shared).
  • Choose All Subfolders.
  • Check the Write classifications option.
  • Click Add.
  1. Click the Pencil icon in front of the share you specified.
  2. Click Edit -> Check Enabled -> Click Save.

Launch the classification process:

  1. Go to General -> Sources and:
  • Check the shares that you want to analyze.
  • Click Re-Collect, for initial classification

Review your report:

To see the list of files that contain payment card information:

  1. Go to Reports -> Document Reports -> Document tagging.
  2. Pick the Taxonomy you want to see a report on (PCI DSS).
  3. Click Show Filters.
  4. In the Classification field, select the terms you need a report for (“PCI DSS>Mastercard”).
  5. Click Generate.
How to Locate Files Containing Sensitive Data with Netwrix Data Classification

To download the list to CSV or XLSX, click the CSV or XLSX link labeled “Download all available records from the server”.

 

Learn more about Netwrix Data Classification for Windows File Servers

How data classification can streamline your compliance efforts

Securing cardholder data is one of the requirements of the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS  is not a law; it is an information security standard created by the major card brands that applies to all organizations that handle their payment cards. PCI DSS is only one of many standards that companies are subject to nowadays. Compliance failures can result in fines, card replacement costs, additional audits and brand damage. 

Fortunately, the same processes and tools can help you achieve compliance with many different standards. In particular, to ensure the security of regulated data, you need to understand where that data is located and classify it by type.

One option is to use native tools. File Server Resource Manager (FSRM) is a role service in Windows Server that enables you to manage and classify data stored on file servers. However, this method has multiple drawbacks, including the following:

  • It is limited to data stored on Windows file servers.
  • It does not support Optical Character Recognition (OCR).
  • It does not offer search functionality.
  • It is hard to install, configure and maintain. In particular, you have to manually configure rules for each type of data you want to classify.
  • To check the classification results, you have to open each file.

Netwrix Data Classification overcomes all of these drawbacks. It will help you find sensitive data across multiple platforms, both on premises and cloud, and includes OCR capabilities to classify data in photos and scans. Predefined taxonomies, automated classification and a powerful search engine streamline setup, enabling you to locate regulated data in minutes with far less effort. Moreover, the Netwrix solution uses compound term processing and statistical analysis, so it works in any language or vocabulary, regardless of grammatical style, and delivers far more accurate results than native tools.

Related How-tos
How to Detect Users Who Have Direct Permissions on Your File Servers How to Detect Who Read a File on Windows File Servers How to Detect Who Has Access to What Data on Windows File Servers