Privacy sensitive data settings

Coro enables you to specify the types of sensitive data to scan for on endpoint device drives in order to identify potential privacy violations.

To access privacy sensitive data settings:

  1. Sign into the Coro console and select Control Panel from the toolbar:

    Control Panel

  2. Select Endpoint Data Governance :

    EDG module

  3. Select the Privacy sensitive data tab:

    Privacy sensitive data settings

note

Coro does not actively monitor for violations in endpoint drives. An admin user must initiate or schedule a scan on a protected device to reveal potential policy violations. For more details, see:

Coro can scan device drives for the following Privacy sensitive data types:

Important

When a new workspace is created, all Endpoint Data Governance options are disabled by default. Use this tab to enable the data types for which you want Coro to scan.

File types

When activated, Coro scans documents and other files on device drives for sensitive data matching the settings enabled in this tab. Coro is additionally able to scan for sensitive data objects in image files of the following types:

  • bmp
  • jfif
  • jpeg
  • jpg
  • png
  • tiff
  • webp
  • x-portable-anymap
  • x-portable-bitmap
  • x-portable-graymap
  • x-portable-pixmap
note

Coro is unable to identify sensitive data in scanned PDFs or within images embedded in documents such as Microsoft Word.

Recommended settings by industry

Coro recommends enabling information types according to the following table of industry sectors and typical regulatory needs:

Caution

This list is non-exhaustive, nor warrantied in any way, and is included for guidance only.

Sector Regulation Data Type Comment
Accounting Services SOX, State Privacy , ISO 27001 PII
Agriculture & Food State Privacy PII & PCI PCI is relevant for establishments that receive credit card payments
Automotive State Privacy , GLBA NPI
Business & Marketing State Privacy PII
Business Services State Privacy PII
Colleges & Universities State Privacy , GLBA, ISO 27001, FERPA NPI & PII
Construction State Privacy PII
Consulting State Privacy PII
Consumer Services State Privacy PII
Education State Privacy , FERPA PII
Energy, Utilities & Waste State Privacy PII & PCI PCI is relevant for establishments that receive credit card payments
Finance State Privacy, GLBA, SOX, ISO 27001 NPI
Government FISMA, State Privacy PII
Health HIPAA, State Privacy PHI & PII & PCI
Holding Companies & Conglomerates State Privacy PII
Hospitality State Privacy PII & PCI PCI is relevant for establishments that receive credit card payments
HR State Privacy PII
Insurance State Privacy, GLBA, SOX, ISO 27001 NPI
IT services State Privacy PII & PCI
Law Firms & Legal Services State Privacy PII
Manufacturing State Privacy PII
Media & Internet State Privacy PII & PCI PCI is relevant for establishments that receive credit card payments
Minerals & Mining State Privacy PII
Organizations State Privacy PII
Pharma HIPAA, State Privacy PHI & PII & PCI
Real Estate State Privacy PII
Retail State Privacy PII & PCI PCI is relevant for establishments that receive credit card payments
Software State Privacy , SOC 2 PII & PCI PCI is relevant for establishments that receive credit card payments
Telecommunications State Privacy PII & PCI PCI is relevant for establishments that receive credit card payments
Transportation State Privacy PII & PCI PCI is relevant for establishments that receive credit card payments