Regulatory sensitive data

Sensitive data is data that is considered private or protected by law, policy, or contractual obligation. Coro detects sensitive data stored on your users' devices that may be subject to regulatory or data compliance requirements.

Coro detects file access violations on local and removable drives through sensitive data scans.

note

Each organization is unique and is required to comply with specific sensitive data regulatory requirements. Use the Coro interactive discovery tool to assess your specific data governance needs.

Coro categorizes sensitive data objects it can monitor and expose into four types:

Important

For information on the sensitive data that Coro recognizes, see Sensitive data recognized by Coro.

Credit card data

Credit card data is data found on or associated with credit cards. Credit card data includes, but is not limited to:

  • Card expiration dates
  • Cardholder names
  • Card numbers
  • Card verification values (CVVs)

Health data

Health data is data collected, stored, used, or transmitted during the provision of health care services. Health data includes, but is not limited to:

  • Health insurance information
  • Medical history
  • Name

Non-public data

Non-public data is personal financial data that is collected and stored by financial institutions. Non-public data is a combination of personal data and other sensitive data types. For example, social security numbers (SSNs) are personal data types, but in combination with credit card data, they are also classified as non-public data.

Coro generates either an open or closed Endpoint drive with Non-Public Data ticket based on the type and combination of detected sensitive data, as outlined below:

  • Coro generates a closed Endpoint drive with Non-Public Data ticket when it detects personal data and another sensitive data type, such as financial keywords (financial metadata, content, forms, or credit card data).
  • Coro generates an open Endpoint drive with Non-Public Data ticket when it detects credit card data in addition to personal data.

For more information, see Ticket types for Endpoint Data Governance.

Personal data

Personal data is any data connected to a specific individual that can be used to uncover that individual's identity. Personal data includes, but is not limited to:

  • Email address
  • Full name
  • Social security numbers (SSNs)

Findings

When data on a device violates a sensitive data policy, Coro creates a ticket with the following details:

  • Findings : The Findings list shows files that violate a particular policy. The list includes the following information:
    • Findings : The filename and file extension of the file that caused a policy violation
    • # of findings : The number of policy violation detected in the file

      Findings

    Expand the Findings list to display additional information:

    • File path : The file path.
    • File size : The file size, in KB.
    • Type : The type of sensitive data, for example, Credit card number.
    • Quote : The text string in quotes containing the sensitive data, for example, "of PCI that can lead to identifying an individual . 6945 CVV 123 Test".

      Findings expanded