ManageEngine DataSecurity Plus offers built-in data discovery rules that use regular expressions to locate credit card numbers of cards issued by American Express, Discover, InstaPay, UnionPay, Visa, MasterCard, and other payment service providers.
Steps to find credit card numbers stored in Windows File Server
- Create a data discovery policy to find credit card numbers.
- Configure the data source containing sensitive information.
- For Windows File Server
- For Microsoft SQL Server
Create a data discovery policy to find credit card numbers using the steps listed below:
- Download and install DataSecurity Plus.
- Open the DataSecurity Plus web console.
- Select Risk Analysis from the application drop-down.
- Go to Configuration > Data Discovery Settings > Policy.
- The Policy Settings window that opens will list the default data discovery policies.
- Click the +Add Policy button at the top-right corner.
- Name the policy and include an appropriate description.
- Add rules to the policy by clicking +Add Rule above the table.
- In the Add Rule to the Policy window that opens, select and add the below-listed rules:
- Credit card - Amex
- Credit card - Discover
- Credit card - InstaPay
- Credit card - Visa
- Credit card - Union Pay
- Credit card - MasterCard
- Click Save.
This will let you view details on who deleted what duplicate file, when, and from where.
Configure Windows File Server using the steps listed below:
- Go to Configuration > Data Sources > File Server.
- Click + Add File Server at the top-right corner.
- Choose the domain from the drop-down. If you want to configure a new domain, click Add New Domain, and follow the steps listed here.
- Click the + symbol next to Select Server, and choose the desired file server. You can also enter a new server using the Enter Server Name textbox.
- Under Select Objects to Monitor:
a. To scan shares, click the Shares button, select the desired shares, and click Add Shares.
b. To scan subfolders, enter the folder path in the Shared Path of the object textbox. Click Add.
- Click Save.
Configure Microsoft SQL Server using these steps:
- Go to Configuration > Data Sources > SQL Server.
- Click + Add SQL server.
- Enter a Server Name.
- Enter an Instance Name and a Port Number.
- Choose the Authentication Type from the drop-down.
Note: When chosen, both SQL Server Authentication and Windows Authentication will use the credentials of the user whose details are requested below.
- Provide the username and password based on the authentication type.
Tip for choosing the authentication type
- When choosing Windows Authentication, use a user account with domain admin credentials to ensure the product has sufficient permissions to collect logs.
- When choosing SQL Server Authentication, use a user account configured within the target SQL Server instance that at least has read permissions.
Note: Once SQL Server is configured successfully, data discovery scans will be scheduled automatically by DataSecurity Plus.