Data Discovery & PII Compliance

“Discover. Classify. Comply.”

Organizations must manage sensitive data spread across emails, NAS drives, databases, cloud storage, and DMS platforms. The xBiz Data Discovery Platform uses AI to identify, classify, and secure PII, PHI, and PCI data in real time. Designed for Indian enterprises, it supports compliance with DPDP, GDPR, RBI, SEBI, IRDAI, UGC, and other regulations.

Data Discovery
50+ PII Fields Detected
10+ Compliance Guidelines
5 Discovery Modules
15+ File Types Supported

Data Discovery Modules

AI-powered scanning across your enterprise data sources to identify, classify, and secure PII, PHI, and PCI data in real time.

1. NAS Drive Scan

Scan files across NAS and shared drives with configurable paths, rules, schedules, and access control handling. Ideal for discovering sensitive files across distributed file systems.

Supported Drive Types

Network: SMB/CIFS shares, NFS mounts, FTP/SFTP servers
Local: NTFS, FAT32 file systems

Key Features

  • Folder Path Input - Set root folder to start
  • Recursive Scanning - Traverses subdirectories
  • File Type Detection - Docs, spreadsheets, PDFs, images
  • Content Analysis - OCR and text extraction
  • PII Matching - Aadhaar, PAN, Name, DOB, etc.
  • Live Progress - Real-time progress and ETA
  • Metadata Extraction - Properties, dates, access logs
  • Network Share Support - Mapped drives, UNC paths
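As a rough illustration of how recursive scanning and PII matching fit together, the sketch below walks a root folder and applies two regular expressions to text files. It is not the platform's implementation: the names `PII_PATTERNS`, `TEXT_EXTENSIONS`, and `scan_folder` are hypothetical, and the patterns only check the general shape of a PAN (five letters, four digits, one letter) and an Aadhaar number (twelve digits, optionally grouped in fours).

```python
import re
from pathlib import Path

# Hypothetical patterns for illustration only. A production detector would
# add checksum validation and context rules to reduce false positives.
PII_PATTERNS = {
    "PAN": re.compile(r"\b[A-Z]{5}[0-9]{4}[A-Z]\b"),
    "AADHAAR": re.compile(r"\b[2-9][0-9]{3}\s?[0-9]{4}\s?[0-9]{4}\b"),
}

# Assumption: only plain-text formats are read here; OCR is out of scope.
TEXT_EXTENSIONS = {".txt", ".log", ".csv", ".json", ".xml", ".md"}


def scan_folder(root):
    """Recursively scan text files under root and return a list of findings."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file() or path.suffix.lower() not in TEXT_EXTENSIONS:
            continue
        try:
            text = path.read_text(encoding="utf-8", errors="ignore")
        except OSError:
            # Unreadable file (for example, missing read permission): skip it.
            continue
        for label, pattern in PII_PATTERNS.items():
            for match in pattern.finditer(text):
                findings.append((str(path), label, match.group()))
    return findings
```

Calling `scan_folder` with a UNC path or a mapped drive letter works the same way as with a local folder, provided the account running the script has read access.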

Access Requirements

  • Read permissions on directories
  • Network access to shared drives
  • Service account with privileges

User Knowledge

  • File system hierarchy
  • Network drive mappings
  • Permissions and security

2. Database Scan

Analyze structured data across tables and columns for sensitive content such as Aadhaar numbers, SSNs, and email addresses. Supports schema retrieval, selective scanning, and compliance tagging.

Supported Databases

Microsoft SQL Server, Oracle Database, PostgreSQL

Comprehensive Support

  • Credential Management - Validate before scanning
  • Schema Retrieval - Tables and columns
  • Selective Scanning - Targeted or full schema
  • Live Progress - Percent, counts, ETA
  • Structured Results - Interactive table
  • PII Detection - PII highlights with tags
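Schema retrieval and selective scanning can be pictured with a small sketch. It uses Python's built-in `sqlite3` module purely so the example runs anywhere; the supported databases listed above would need their own drivers and catalog queries. The helper names `list_columns` and `scan_table` and the email pattern are assumptions made for illustration.

```python
import re
import sqlite3

# Simple email shape check; an assumption, not the platform's detector.
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def list_columns(conn, table):
    """Schema retrieval: return column names for one table (SQLite PRAGMA)."""
    return [row[1] for row in conn.execute(f'PRAGMA table_info("{table}")')]


def scan_table(conn, table, columns=None, sample_rows=100):
    """Selective scanning: check only the chosen columns, on a row sample."""
    columns = columns or list_columns(conn, table)
    hits = {}
    for col in columns:
        query = f'SELECT "{col}" FROM "{table}" LIMIT ?'
        for (value,) in conn.execute(query, (sample_rows,)):
            if isinstance(value, str) and EMAIL.search(value):
                hits[col] = hits.get(col, 0) + 1
    return hits
```

Only `SELECT` statements are issued, which matches the read-only access model described for database scans.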

Database Access

  • Read-only user credentials
  • SELECT on target schemas/tables
  • Network connectivity
  • Drivers (JDBC/ODBC) available

Required Knowledge

  • Basic DB administration
  • SQL and table relationships
  • Indexing concepts
  • Data sensitivity awareness

3. Email Scan

Deep scanning of email bodies, attachments, and archives with format-aware parsing and configurable scope. Supports Microsoft and Google email platforms.

Supported Email Platforms

Microsoft: Outlook.com, Office 365 • Google: Gmail

Email System Integration

  • Content - Body, subject, signatures
  • Attachments - Docs, images, archives
  • Metadata - Sender, recipient, timestamps
  • Threading - Conversation context
  • Archive - PST, OST, MBOX formats
  • Monitoring - Continuous scanning
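To make the content, attachment, and metadata items concrete, here is a minimal sketch that pulls those parts out of a single raw message using Python's standard `email` package. It assumes the message has already been fetched as RFC 5322 bytes; the function name `extract_scan_targets` and the returned dictionary keys are hypothetical.

```python
from email import message_from_bytes, policy


def extract_scan_targets(raw_bytes):
    """Split one raw email into the parts a scanner would inspect."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    # Prefer the plain-text body; HTML-only mail would need extra handling.
    body = msg.get_body(preferencelist=("plain",))
    return {
        "subject": str(msg["Subject"] or ""),
        "sender": str(msg["From"] or ""),
        "recipient": str(msg["To"] or ""),
        "body": body.get_content() if body is not None else "",
        "attachments": [part.get_filename() for part in msg.iter_attachments()],
    }
```

The body text and each attachment would then be passed to the same PII detectors used for files.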

OAuth Requirements

  • Azure AD registration
  • Mail.Read permissions
  • Admin consent for org-wide
  • MFA support

Compliance Considerations

  • Legal hold & eDiscovery
  • Retention requirements
  • Privacy impact assessments
  • Employee notification

4. Cloud Storage

Secure API-based scanning for major cloud platforms with scan boundaries, provider-specific security handling, and scalable processing.

Supported Cloud Platforms

AWS S3 • Azure Blob/Files • Google Cloud Storage/Drive

Platform Features

  • Multi-Cloud - Unified scanning interface
  • API Integration - Native connections
  • Buckets/Containers - Object analysis
  • Metadata - Properties, tags, ACLs
  • Versioning - Historical versions scan
  • Sharing - Public/private assessment

API Credentials

  • Service keys or OAuth tokens
  • Read permissions
  • Rate limiting & quotas
  • Secure secret storage

Skills Required

  • Cloud admin basics
  • API key management
  • Storage structures
  • Network security & firewalls

5. DMS - Document Management System

Integrate with DMS to scan documents, metadata, and versions. Supports classification, permissions, and detection of sensitive data across enterprise platforms.

Supported DMS Products

Digi-Drive • Alfresco • OpenText Documentum • IBM FileNet • M-Files

Platform Features

  • Libraries - Repository scanning
  • Metadata - Custom fields, tags
  • Version History - Track changes
  • Workflows - Approvals & lifecycle
  • Permissions - Rights & security groups
  • Content Types - Template classification

Content Analysis

  • Indexing & search
  • Metadata fields
  • Version tracking
  • Workflow alignment

System Requirements

  • DMS admin access
  • API docs & endpoints
  • Taxonomy knowledge
  • Permission model awareness

PII Fields Detection Capabilities

Comprehensive detection of 50+ sensitive data fields across multiple categories with AI-powered classification.

Identity Information

Aadhaar, PAN, Passport, Driving License, Voter ID, Name, First Name, Middle Name, Last Name

Personal Details

Date of Birth, Gender, Place of Birth, Nationality, Religious Details, Caste Details, Education Details, Emergency Contact

Contact Information

Email, Mobile Number, Address, Social Handles

Digital Identity

Username, Password, IP Address, Device ID, Location (GPS)

Biometric Data

Face Recognition, Fingerprint, Iris Scan, Blood Group

Financial Information

Account Number, IFSC, Card Number, Bank, CVV, Expiry, UPI ID, Txn ID, Amount, Txn Date, EMI Amount
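For a field such as Card Number, pattern matching alone tends to flag any long digit run. One widely used way to filter candidates is the Luhn checksum that payment card numbers carry. The sketch below is a generic illustration of that check, not a description of how the platform validates matches; `luhn_valid` is a hypothetical helper name.

```python
def luhn_valid(number):
    """Return True if the digits in `number` pass the Luhn checksum."""
    digits = [int(ch) for ch in number if ch.isdigit()]
    # Payment card numbers are between 13 and 19 digits long.
    if len(digits) < 13 or len(digits) > 19:
        return False
    total = 0
    for index, digit in enumerate(reversed(digits)):
        # Double every second digit, counting from the right.
        if index % 2 == 1:
            digit *= 2
            if digit > 9:
                digit -= 9
        total += digit
    return total % 10 == 0
```

A candidate that fails the check can be dropped or given a lower confidence score before it is reported.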

Tax & Investment

Tax Details, GST, Portfolio, Insurance Policy, Premium, Claim Number

Healthcare Information

Diagnosis, Medical History, Prescriptions, Lab Reports, Doctor, Allergies, Treatment Plan, Surgery, Discharge, Immunization, Mental Health, Risk Score, Device Serial, Insurance Card

Supported File Types

Comprehensive file format support for thorough data discovery across your entire organization.

🎬 Video & Audio

.mp4, .avi, .mov, .wmv, .mkv, .webm, .mp3, .wav, .ogg

Image Files

.jpg, .jpeg, .png, .tif, .tiff

Text Files

.txt, .log, .csv, .json, .xml, .md, .config, .ini, .env, .py, .raw

Documents

.pdf and other document formats
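The extension lists above lend themselves to a simple lookup that decides which extraction path a file should take. The sketch below is an assumption about how such routing could look; `FILE_CATEGORIES` and `categorize` are hypothetical names, and the "document" group contains only `.pdf` because the other document formats are not enumerated here.

```python
from pathlib import Path

# Extensions copied from the lists above, grouped by category.
FILE_CATEGORIES = {
    "video_audio": {".mp4", ".avi", ".mov", ".wmv", ".mkv", ".webm",
                    ".mp3", ".wav", ".ogg"},
    "image": {".jpg", ".jpeg", ".png", ".tif", ".tiff"},
    "text": {".txt", ".log", ".csv", ".json", ".xml", ".md", ".config",
             ".ini", ".env", ".py", ".raw"},
    "document": {".pdf"},
}


def categorize(filename):
    """Return the category for a file name, or None if it is not listed."""
    name = Path(filename).name.lower()
    # Dotfiles such as ".env" have no suffix in pathlib, so fall back to the name.
    suffix = Path(name).suffix or (name if name.startswith(".") else "")
    for category, extensions in FILE_CATEGORIES.items():
        if suffix in extensions:
            return category
    return None
```

For instance, image files could be routed to OCR while text files are read directly.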

Compliance Guidelines Coverage

Supporting 10 Indian regulations plus key global standards (GDPR, DPDP & HIPAA).

India Regulations (10/10 Active)

  • ✓ DPDP Act (Digital Personal Data Protection Act, 2023)
  • ✓ RBI Guidelines (Reserve Bank of India)
  • ✓ SEBI Regulations (Securities and Exchange Board of India)
  • ✓ IRDAI Regulations (Insurance Regulatory and Development Authority of India)
  • ✓ IT Act, 2000 & Amendments
  • ✓ DISHA (Digital Information Security in Healthcare Act)
  • ✓ NDHM / ABDM (National Digital Health Mission / Ayushman Bharat Digital Mission)
  • ✓ TRAI Regulations (Telecom Regulatory Authority of India)
  • ✓ CERT-In Guidelines (Indian Computer Emergency Response Team)
  • ✓ UIDAI Compliance (Aadhaar)

Global Standards (3/10 Active)

  • ✓ EU GDPR (General Data Protection Regulation)
  • ✓ DPDP (Digital Personal Data Protection Act)
  • ✓ HIPAA (Health Insurance Portability and Accountability Act)
  • ⏳ PCI DSS (Payment Card Industry Data Security Standard)
  • ⏳ SOX (Sarbanes-Oxley Act)
  • ⏳ GLBA (Gramm-Leach-Bliley Act)
  • ⏳ SEBI Guidelines (Securities and Exchange Board of India)
  • ⏳ HITECH (Health Information Technology for Economic and Clinical Health Act)
  • ⏳ TRAI Regulations (Telecom Regulatory Authority of India)
  • ⏳ ISO/IEC 27001 (Information Security Management)

Expansion to the remaining 7 standards is planned for the next version.

UAE Regulations (Coming Soon)

Data Protection & Privacy Laws

  • ⏳ PDPL (Personal Data Protection Law - Federal Decree-Law No. 45 of 2021)
  • ⏳ DIFC Data Protection Law (Law No. 5 of 2020)
  • ⏳ ADGM Data Protection Regulations (Abu Dhabi Global Market)
  • ⏳ Health ICT / Health Data Law (Health Information Privacy & Security)

Cybersecurity & Compliance Standards

  • ⏳ IAR (Information Assurance Regulation by TDRA)
  • ⏳ Cybercrime Law (Federal Decree-Law No. 34 of 2021)
  • ⏳ Cabinet Resolution No. 21 of 2013 (Data Security Framework)
  • ⏳ DESC ISR (Dubai Electronic Security Center Information Security Regulation)
  • ⏳ Central Bank Regulations / RPSCS (Payment & Card Schemes)

Expansion to UAE regulations is planned for the next version.

Before You Begin: Requirements & Checklist

Essential requirements and preparation steps before implementation.

System Prerequisites

Technical Requirements

  • Windows Server 2016+
  • 8 GB RAM minimum, 16 GB recommended
  • 100 GB+ available storage space
  • Network connectivity to target systems
  • Administrative privileges on scanning systems

User Knowledge Requirements

  • Basic understanding of data privacy regulations (GDPR, HIPAA)
  • Familiarity with your organization's data architecture
  • Knowledge of file system structures and permissions
  • Understanding of database concepts and SQL basics
  • Email system administration experience

Getting Started Checklist

Before You Begin

  • ✓ Conduct a data mapping exercise to identify all data sources
  • ✓ Obtain necessary permissions and approvals from data owners
  • ✓ Set up service accounts with appropriate access levels
  • ✓ Configure network access and firewall rules

Best Practices

  • ✓ Start with a pilot scan on non-production systems
  • ✓ Schedule scans during off-peak hours to minimize impact
  • ✓ Implement proper logging and monitoring
  • ✓ Establish data classification and handling procedures