Making Compliance Auditing simple with Borneo’s Global Search

Devesh Kharve
Published in Borneo
Mar 4, 2022

Auditing data resources quickly becomes a painful exercise in exploring a large number of data sources across multiple metrics, along with the sensitive data they might contain. For example, say an auditor needs to find any S3 buckets that store credit card details and are unencrypted and publicly accessible. With data spread widely, the audit can become a nightmare very quickly, and any oversight can put an organization in trouble.

Various data sources which can be connected to Borneo’s real-time data security solution

Why is it so difficult for IT teams to find sensitive data?

Storing the security and data footprint of multiple data sources brings its own set of challenges. It gets complex when everything is stored in a relational schema or in one single index, because either the number of data points or the volume complicates things, and slicing and dicing the data with queries becomes difficult. A solution to this exploration problem is Global Search, which can easily search through the insights generated for the various data sources/connectors. When working with multiple sources, building a search experience is interesting and difficult at the same time, as we need to solve for two major cases:

  1. Provide capabilities that help users discover what they want with ease.
  2. Provide an easy playground where users can explore and understand the power of Borneo.

One could argue that a DBMS that supports storing unstructured data alongside structured data would be enough. Take PostgreSQL, where we can store unstructured data in one or many columns and also query it, and that might get the work done.
However, we need text search across various fields, some of which are structured and some of which are properties within unstructured text or a JSON value. Querying such fields gets complicated: it ends up requiring large queries that depend on very particular indices, and any error there can lead to very sluggish responses.

Borneo’s Approach:

With Borneo’s Global Sensitive Data Search, it becomes very convenient for a user to do a data audit and then drill down the results using our prebuilt querying interface.

Search Results with Aggregation and deep dive along with some Sample Queries

How the Global Search Works

Our Global Search is backed by Elasticsearch, which, right out of the box, makes it easy to query multiple aspects of an entity that are spread across multiple data indices, one for each data source.

Keeping in mind the two objectives that the search has to serve, we provide some sample (pre-built) queries along with a powerful query generator, which makes it very intuitive to get started and get the required data from source-specific indices.

Query builder to perform a search on all the required parameters

Query Builder

Once you start interacting with the query input, you can experience the ease with which you can formulate a query just by clicking, providing input manually only if needed. You can create a query with multiple properties such as infotypes detected, security risks, source, and account, each of which can have one or more values combined via AND/OR clauses.

Relevant search results

The results of the query are provided in aggregation-first order, which makes it easier for the auditor to drill down by source type (S3, DynamoDB, RDS, etc.), from where entities can be investigated further.
On drill-down, three actions are available: get the details of the entities, get all the associated incidents, and perform a full scan on the entity of interest.
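The query builder and aggregation-first results described above can be pictured as an Elasticsearch request body. This is an added example, not Borneo's code: the field names, infotype and risk labels, and index placeholders are assumptions, since the article does not publish its schema.

```python
import json

# Hypothetical field names: the article names the properties, not the schema.
FIELDS = {"infotype": "infotypes", "risk": "security_risks",
          "source": "source_type", "account": "account_id"}


def compile_clause(node):
    """Turn a query-builder tree into an Elasticsearch bool query.

    A leaf is (property, [values]); a branch is ("AND" | "OR", [children]).
    """
    head, body = node
    if head in ("AND", "OR"):
        children = [compile_clause(child) for child in body]
        if not children:
            raise ValueError(f"empty {head} group")
        if head == "AND":
            # filter context: every child must match, no relevance scoring
            return {"bool": {"filter": children}}
        return {"bool": {"should": children, "minimum_should_match": 1}}
    if head not in FIELDS:
        raise ValueError(f"unknown property: {head!r}")
    if not body:
        raise ValueError(f"no values given for {head!r}")
    # terms matches a document holding ANY one of the listed values
    return {"terms": {FIELDS[head]: list(body)}}


def build_search(node, bucket_limit=20):
    """Aggregation-first request: counts per source type, no hits returned."""
    return {
        "size": 0,
        "query": compile_clause(node),
        "aggs": {"by_source": {"terms": {"field": FIELDS["source"],
                                         "size": bucket_limit}}},
    }


# Constructed audit question from the introduction. The two risks are separate
# AND-ed leaves: one leaf with both values would mean "either risk".
AUDIT = ("AND", [
    ("source", ["S3"]),
    ("infotype", ["CREDIT_CARD_NUMBER"]),
    ("risk", ["UNENCRYPTED"]),
    ("risk", ["PUBLICLY_ACCESSIBLE"]),
])

if __name__ == "__main__":
    # Body for a multi-index search; the index names are placeholders.
    print(json.dumps(build_search(AUDIT), indent=2))
```
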

Incidents

Incidents provide details of the events that caused a violation of any security or data compliance risk covered by our observer services and compliance alerts. An incident provides options to send a notification to integrated tools such as JIRA, Slack, Email, or Acryl for further resolution by the relevant team or team member.

Incident details for an entity

Full-Scan

At first, Borneo uses sampling for the scan, which makes it quick to get a snapshot of the data footprint associated with the entities. However, if the user wants to perform a holistic scan, a full scan can be performed which provides an option to capture all the sensitive data tokens along with the nearby context, which makes it easier to remediate the issues of concern.

Full Scan with user-defined criteria, able to capture all the sensitive data tokens

What’s Next?

The next step that Borneo is taking for Global Search is introducing the Knowledge Graph. This knowledge graph will provide an exhaustive visualization of the data generated by our inspection services, so that users, say a CISO, can get to the root cause of any compliance policy failure with ease.

Knowledge Graph on Inspection Results

Conclusion

With Global Search, it becomes very easy for any user to explore Borneo’s findings and to get to entities of concern while auditing for any compliance-related scenario, such as PCI compliance, where users can simply search for the entities which are unencrypted and have credit card related information. And with the well-connected flow, the user can easily carry out a more detailed investigation as well as initiate the resolution within the existing workflow-integrated tools.

With Borneo, data investigation that used to take months has been reduced to days, and our mission to solve the problem of customer data privacy and data law compliance has already helped multiple organizations. Along with the other suites of solutions, Borneo is a powerful, flexible, and cost-effective all-in-one platform perfect for small to large organizations to achieve privacy compliance at scale.

To understand more about how we can help you with your application data privacy, you can request a quick demo to get started for FREE!
