Privacy sensitive data settings
Coro enables you to specify the types of sensitive data to scan for on endpoint device drives in order to identify potential privacy violations.
To access privacy sensitive data settings:
-
Sign into the Coro console
and select
Control Panel
from the toolbar:
-
Select
Endpoint Data Governance
:
-
Select the
Privacy sensitive data
tab:
note
Coro does not actively monitor for violations in endpoint drives. An admin user must initiate or schedule a scan on a protected device to reveal potential policy violations. For more details, see:
Coro can scan device drives for the following Privacy sensitive data types:
- Personally identifiable information (PII)
- Protected health information (PHI)
- Payment card information (PCI)
- Non-public information (NPI)
Important
When a new workspace is created, all Endpoint Data Governance options are disabled by default. Use this tab to enable the data types for which you want Coro to scan.
File types
When activated, Coro scans documents and other files on device drives for sensitive data matching the settings enabled in this tab. Coro is additionally able to scan for sensitive data objects in image files of the following types:
- bmp
- jfif
- jpeg
- jpg
- png
- tiff
- webp
- x-portable-anymap
- x-portable-bitmap
- x-portable-graymap
- x-portable-pixmap
note
Coro is unable to identify sensitive data in scanned PDFs or within images embedded in documents such as Microsoft Word.
Recommended settings by industry
Coro recommends enabling information types according to the following table of industry sectors and typical regulatory needs:
Caution
This list is non-exhaustive, nor warrantied in any way, and is included for guidance only.
Sector | Regulation | Data Type | Comment |
---|---|---|---|
Accounting Services | SOX, State Privacy , ISO 27001 | PII | |
Agriculture & Food | State Privacy | PII & PCI | PCI is relevant for establishments that receive credit card payments |
Automotive | State Privacy , GLBA | NPI | |
Business & Marketing | State Privacy | PII | |
Business Services | State Privacy | PII | |
Colleges & Universities | State Privacy , GLBA, ISO 27001, FERPA | NPI & PII | |
Construction | State Privacy | PII | |
Consulting | State Privacy | PII | |
Consumer Services | State Privacy | PII | |
Education | State Privacy , FERPA | PII | |
Energy, Utilities & Waste | State Privacy | PII & PCI | PCI is relevant for establishments that receive credit card payments |
Finance | State Privacy, GLBA, SOX, ISO 27001 | NPI | |
Government | FISMA, State Privacy | PII | |
Health | HIPAA, State Privacy | PHI & PII & PCI | |
Holding Companies & Conglomerates | State Privacy | PII | |
Hospitality | State Privacy | PII & PCI | PCI is relevant for establishments that receive credit card payments |
HR | State Privacy | PII | |
Insurance | State Privacy, GLBA, SOX, ISO 27001 | NPI | |
IT services | State Privacy | PII & PCI | |
Law Firms & Legal Services | State Privacy | PII | |
Manufacturing | State Privacy | PII | |
Media & Internet | State Privacy | PII & PCI | PCI is relevant for establishments that receive credit card payments |
Minerals & Mining | State Privacy | PII | |
Organizations | State Privacy | PII | |
Pharma | HIPAA, State Privacy | PHI & PII & PCI | |
Real Estate | State Privacy | PII | |
Retail | State Privacy | PII & PCI | PCI is relevant for establishments that receive credit card payments |
Software | State Privacy , SOC 2 | PII & PCI | PCI is relevant for establishments that receive credit card payments |
Telecommunications | State Privacy | PII & PCI | PCI is relevant for establishments that receive credit card payments |
Transportation | State Privacy | PII & PCI | PCI is relevant for establishments that receive credit card payments |