Remove sensitive data on employee devices and servers

One of the biggest risks for organizations is sensitive information that exists outside a controlled database environment. When sensitive data, which can be defined by the organization’s custom regular expressions, or standard types like credit card numbers and social security numbers, are extracted from a database and stored as unstructured data—in files on employee devices and file servers—they pose a significant threat.

Automated Redaction and Real-Time Policy Enforcement

With PKWARE's data redaction technology, your organization can permanently remove sensitive information as soon as it appears in files on employee computers, file servers, and in other locations.

Automated redaction ensures that information cannot be shared or stored in unauthorized locations. It also means that sensitive data will not be exposed in the event of a computer theft, misuse of employee credentials, or other security event.

PKWARE’s automated technology eliminates manual processes that can expose an organization to compliance failures and other risks. Organizations can also remediate legacy data, taking terabytes of stored data out of scope of compliance audits.

Here’s an example of how it works for credit card numbers.

  1. Using PKWARE’s intuitive control panel, administrators apply data redaction rules to user devices and file servers where credit card numbers may be saved inappropriately.

  2. PKWARE’s automated technology monitors file activity and scans new or modified files to determine whether they contain PCI data.

  3. When a user enters or imports credit card numbers into a file...
    Unredacted Data Screenshot

  4. The middle six digits of each number are automatically redacted, while other file contents remain unchanged.
    Unredacted Data Screenshot

  5. Unlike tokenization, data redaction cannot be undone, so files containing redacted data can be taken out of PCI compliance scope, no matter how many times the files are copied or shared.