Remediating and Marking Matches

Match data found during a scan should be reviewed to verify if the match has uncovered genuinely non-compliant data. Selecting a match in the match list will allow you to select remediative action for it .

Select a match location and remediate by acting directly on the location or marking it for compliance report purposes.

DATA RECON allows you to take the following remedial actions on a match:

  • "Act directly on selected locations": Actions that will alter files such that the resulting data is PCI compliant
    • "Mask all sensitive data": Writes over match data in match locations with masking characters so that the data is no longer non-compliant.
    • "Quarantine": Moves the non-compliant file to another location; this should be used to move non-compliant files to a secure location.
    • "Delete Permanently": Delete the non-compliant file from its location securely.
    • "Encrypt file": Packs the non-compliant file into an encrypted ZIP file.
  • "Mark location for compliance report": Mark locations after reviewing them.
    • "Confirmed": Confirm that the match contains sensitive data, and mark it for further action.
    • "Remediated Manually": Confirm that the match contains sensitive data, and that it has been remediated with tools outside of DATA RECON.
    • "Test Data": Mark the match as test data; match does not contain sensitive data.
    • "False match": Mark the match as a false positive; match does not contain sensitive data.

Saving a new compliance report will show changes made by remediating and marking the matches with DATA RECON.