ER 2.2 Release Notes

The Release Notes provide information about new features, platforms, data types, enhancements, bug fixes and all the changes that have gone into Enterprise Recon 2.2.

For a quick view of the changes since the last Enterprise Recon release, see Summary of Changes.

Contents:

1. Highlights
   • All-new Enterprise Recon Edition and Subscription Model
   • New Features
     • Investigate, Analyze and Remediate
     • Manage Access to Sensitive Data Locations
     • Build Custom Dashboards and Reports with ODBC Reporting
   • New Platform Integrations
     • Scan Environments Powered by SAP HANA
2. Important Notes
   • Critical: One Way Upgrade to Enterprise Recon 2.2
   • Enterprise Recon Master Server Upgrade to CentOS 7
3. Changelog
   • What’s New?
   • Enhancements
   • Bug Fixes
4. Features That Require Agent Upgrades

All-new Enterprise Recon Edition and Subscription Model

PRO Enterprise Recon PRO is now available in Enterprise Recon 2.2, featuring exclusive new features aimed at helping you manage access to sensitive data locations, and providing the flexibility to build custom dashboards and reports with the metrics that matter most to your organization.

Enterprise Recon 2.2 is fully compatible with Sitewide and Non-Sitewide license subscription models, with enhanced license management and reporting features accessible to Global Admin and System Manager users.

To find out more, see our Enterprise Recon product page, or check out the Feature Comparison table to determine the Enterprise Recon solution that meets your organization's needs.

New Features

Investigate, Analyze and Remediate

PII PRO Achieving compliance with data privacy and protection laws is a multi-step process which starts with identifying sensitive and PII data across your organization, analyzing the data risks, and securing those locations.

The Investigate page streamlines this process by providing a one-stop view of the match locations, match details, access permissions¹, and remediation status for all Targets in your environment. Filters let you decide which locations to display in the Investigate page. For example, only show database match locations to identify common sensitive data types found in databases.

Combining the filters with the Match Export feature gives you the flexibility to generate custom match reports. For example, alert a data owner on sensitive data locations they need to review by exporting a list of match locations that they own. A one-click remediation on multiple endpoints is also possible within the Investigate page.

To understand the full suite of features available, see Investigate.

Manage Access to Sensitive Data Locations

PRO Controlling access to sensitive and PII data is a key concept in many data protection regulations. After taking the first step of data discovery, identifying who has access to the data is necessary to understand the risk of exposure. For example, does everyone with permissions to view a file still require that access? Which files have open permissions (e.g. accessible by everyone in your organization)?

With the Data Access Management feature, you can

• Easily view and analyze the access permissions for sensitive data locations right from the Investigate UI, and
• Immediately take action to minimize risk by managing and controlling access to those locations.

An Agent Upgrade is required to use the Data Access Management feature. See Data Access Management for more information.

Build Custom Dashboards and Reports with ODBC Reporting

PRO Enterprise Recon ODBC Reporting is a standard interface for integrating Enterprise Recon with ODBC-ready client applications, including Business Intelligence (BI) reporting tools such as Microsoft Power BI, Excel, SAP Crystal Reports, and more.

The ODBC Driver provides read-only connectivity to comprehensive Enterprise Recon data through a set of Data Tables that can be used to build tailored dashboards to get valuable insight into the sensitive data risks across your organization or deliver senior level reports. You also have the flexibility to programmatically extract Enterprise Recon data using your preferred ODBC command-line tools (e.g. Windows PowerShell).

The ER2 ODBC Reporting feature supports common SQL commands, allowing you to execute custom SQL queries to retrieve only the data that you need.

To start connecting ODBC-aware applications to Enterprise Recon, check out the ER2 ODBC Reporting documentation.

New Platform Integrations

Scan Environments Powered by SAP HANA

NEW As businesses become increasingly data-driven, they turn to tools and solutions that support the organization's success in that direction. SAP HANA, a high performance relational database that features multi-model processing advanced analytics, is one such solution with strong adoption across data-rich industries (e.g. healthcare, banking, technology and services, etc.).

Understanding this, Enterprise Recon 2.2 introduces support for SAP HANA, enabling you to search for any structured and unstructured sensitive and PII data within the database. The SAP HANA module gives you the flexibility to set the custom port number of the tenant database to connect to, and select specific schemas or tables to scan.

An Agent Upgrade is required to scan SAP HANA Targets. See SAP HANA for more information.

Important Notes

CRITICAL: One Way Upgrade to Enterprise Recon 2.2

Certain data sets, storage formats and components for the Master Server have been updated in Enterprise Recon 2.2. Therefore once the Master Server is updated from ER 2.1 (and below) to ER 2.2, the datastore is not backward compatible and downgrading ER 2.2 to an earlier version is not supported.

Enterprise Recon Master Server Upgrade to CentOS 7

From Enterprise Recon 2.0.28, new installations of Enterprise Recon utilize CentOS 7, which features an updated kernel, improved security features and support for operating system patches and updates until June 2024.

If your existing Master Server installation is based on CentOS 6, Ground Labs strongly recommends that you upgrade to CentOS 7 promptly as CentOS 6 reached end of life on November 30, 2020. The Ground Labs Support Team is available to assist customers who wish to migrate their existing installations to CentOS 7.

Ground Labs will continue to support existing Enterprise Recon installations based on CentOS 6 until its end of life date on November 30, 2020.

Changelog

The Changelog is a complete list of all the changes in Enterprise Recon 2.2.

What’s New?

• New Platform Integrations
  • NEW SAP HANA

• Added:

  • PII PRO Get a one-stop view of the match locations, match details, access permissions, and remediation status for all Targets in your environment with Investigate.
  • PRO Easily view, analyze and manage access permissions for sensitive data locations with the Data Access Management feature.
  • PRO Access comprehensive Enterprise Recon data to build tailored reports or dashboards to get valuable insight into the sensitive data risks across your organization with ODBC Reporting.

Enhancements

• Improved Features:

  • Added the capability to disable pagination when scanning Microsoft SQL database Targets.
  • Customize the results grid view in the Investigate page by adding, removing and rearranging the columns with the Column Chooser. See Results Grid Column Chooser for more information.
  • Minor security and UI enhancements.

Bug Fixes

• In certain scenarios, masking remediation could not be performed successfully for Passport data type matches that were detected on the passport MRZ line.

• The System Load Graph did not display accurate memory usage statistics for the Master Server.

• Modifying the status of a scan schedule in a specific sequence (Start, Pause, Resume, and Cancel) may cause subsequently scheduled scans to pause immediately and ignore the Pause Scan Window settings.

• The custom port option specified in the "Path" field did not take effect when scanning MongoDB Targets.

• Scanning PostgreSQL database Targets with table or column names that contained SQL keywords (e.g. "ORDER") would be reported as syntax errors.
• Files on Windows locations with data deduplication enabled were treated as symbolic links and excluded from scans.

Features That Require Agent Upgrades

Agents do not need to be upgraded along with the Master Server, unless you require the following features in Enterprise Recon 2.2:

• PRO Easily view, analyze and manage access permissions for sensitive data locations with the Data Access Management feature.
• NEW Users can now scan SAP HANA databases. Requires Windows Agent with database runtime components.
• In certain scenarios, masking remediation could not be performed successfully for Passport data type matches that were detected on the passport MRZ line.
• Added the capability to disable pagination when scanning Microsoft SQL database Targets.
• Modifying the status of a scan schedule in a specific sequence (Start, Pause, Resume, and Cancel) may cause subsequently scheduled scans to pause immediately and ignore the Pause Scan Window settings.
• The custom port option specified in the "Path" field did not take effect when scanning MongoDB Targets.
• Scanning PostgreSQL database Targets with table or column names that contained SQL keywords (e.g. "ORDER") would be reported as syntax errors.

For a table of all features that require an Agent upgrade, see Agent Upgrade.

PII This feature is only available in Enterprise Recon PII Edition. To find out more about upgrading your ER2 license, please contact Ground Labs Licensing. See Subscription License for more information.

PRO This feature is only available in Enterprise Recon PRO Edition. To find out more about upgrading your ER2 license, please contact Ground Labs Licensing. See Subscription License for more information.

Ensuring we are delivering the best technology for our customers is a core value at Ground Labs. If you are interested in future early builds of Enterprise Recon with forthcoming features, please email your interest to product@groundlabs.com.