What’s new with Cloud Data Sense

Contributors netapp-tonacki

Learn what’s new in Cloud Data Sense.

11 May 2022

Support added for scanning data in Google Drive accounts

Now you can add your Google Drive accounts to Data Sense in order to scan the documents and files from those Google Drive accounts. See how to scan your Google Drive accounts.

Data Sense can identify Personal Identifiable Information (PII) within the following Google file types from the Google Docs suite — Docs, Sheets, and Slides — in addition to the existing file types.

Directory level view added to the Data Investigation page

In addition to viewing and filtering data from all your files and databases, now you can view and filter data based on all the data within folders and shares in the Data Investigation page. Directories will be indexed for scanned CIFS and NFS shares, and for OneDrive, SharePoint, and Google Drive folders. So now you can view permissions and manage your data on the directory level. See how to select the Directories view of your scanned data.

Expand groups to show the users/members that have permissions to access a file

As part the Data Sense permissions capabilities, now you can view the list of users and groups that have access to a file. Each group can be expanded to show the list of users in the group. See how to view users and groups who have read and/or write permissions to your files.

Two new Filters have been added to the Data Investigation page

  • The “Directory type” filter enables you to refine your data to see folders or shares only. The results will be shown in the new Directories tab.

  • The "User / Group Permissions" filter enables you to list the files, folders, and shares that a specific user or a group has read and/or write permissions to. You can select multiple users and/or group names - or enter a partial name. T

5 April 2022

Four new types of Australian personal data can be identified by Data Sense

Data Sense can identify and categorize files that contain the Australian TFN (Tax File Number), Australian Driver’s License Number, Australian Medicare Number, and Australian Passport Number. See all the types of personal data that Data Sense can identify in your data.

Global Active Directory server can be an LDAP server now

The global Active Directory server you integrate with Data Sense can be an LDAP Server now in addition to the previously supported DNS Server. Go here for details.

15 March 2022

New Filter to show the files to which a specific user or a group has read or write permissions

A new Filter called "User / Group Permissions" has been added so you can list the files that a specific user or a group has read and/or write permissions to. You can select one or more user and/or group names - or enter a partial name. This functionality is available for volumes on Cloud Volumes ONTAP, on-prem ONTAP, Azure NetApp Files, Amazon FSx for ONTAP, and File Shares.

Data Sense can determine the permissions for files in SharePoint and OneDrive accounts

Data Sense can read the permissions that exist for files that are being scanned in OneDrive accounts and SharePoint accounts now. This information appears in the Investigation pane details for files and in the Open Permissions area in the Governance Dashboard.

Two additional types of personal data can be identified by Data Sense

  • French INSEE - The INSEE code is a numerical code used by the French National Institute for Statistics and Economic Studies (INSEE) to identify various entities.

  • Passwords - This information is identified using proximity validation by looking for permutations of the word "password" next to a alphanumeric string. The number of items found will be listed under "Personal Results" in the Compliance Dashboard. You can search for files that contain passwords in the Investigation pane using the Filter Personal Data > Password.

Support for scanning OneDrive and SharePoint data when deployed in a dark site

When you’ve deployed Cloud Data Sense on a host in an on-premises site that doesn’t have internet access, now you can scan local data from OneDrive accounts or SharePoint accounts. You’ll need to allow access to the following endpoints.

The Beta capability to use Cloud Data Sense to scan your Cloud Backup files has been discontinued in this release

9 February 2022

Added support for scanning Microsoft SharePoint online accounts

Now you can add your SharePoint online accounts to Data Sense in order to scan the documents and files from your SharePoint sites. See how to scan your SharePoint accounts.

Data Sense can copy files from a data source to a target location and synchronize those files

This is helpful for situations where you’re migrating data and you want to catch any last changes that are being made to the files. This action uses the NetApp Cloud Sync functionality to copy and sync data from a source to a target.

New language support for DSAR reports

German and Spanish are now supported when searching for names of data subjects in order to create Data Subject Access Request (DSAR) reports. This report is designed to aid in your organization’s requirement to comply with GDPR or similar data privacy laws.

Three additional types of personal data can be identified by Data Sense

Data Sense can now find French social security numbers, French IDs, and French driver license numbers in files. See the list of all personal data types that Data Sense identifies in scans.

Security group port changed for Data Sense communication to the Connector

The security group for the Cloud Manager Connector will use port 443 instead of port 80 for inbound and outbound traffic to and from the Data Sense instance for added security. Both ports remain open at this time, so you shouldn’t see any issues, but you should update the security group in any older deployments of the Connector as port 80 will be deprecated in a future release.

2 January 2022

Ability to integrate a global Active Directory to identify file owners and permissions

Now you can integrate a global Active Directory with Cloud Data Sense to enhance the results that Data Sense reports about file owners and which users and groups have access to your files.

In addition to the Active Directory credentials you enter so that Data Sense can scan CIFS volumes from certain data sources, this new integration provides as additional integration for other users and systems. Data Sense will look in all integrated Active Directories for user and permission details. See how to set up your global Active Directory.

Data Sense "policies" can now be used to delete files

Data Sense can automatically delete files that match the query that you define in a Policy. See how to create custom Policies.

16 December 2021

Ability for Data Sense to scan data in dark sites

Both Cloud Manager (the Connector) and Cloud Data Sense can be deployed in an on-premises site that doesn’t have internet access. Now your secure sites can use Cloud Manager to manage your on-prem ONTAP clusters, replicate data between clusters, and scan data from those clusters using Cloud Data Sense.

28 November 2021

Data Sense can be used to clone a volume from an ONTAP system

You can use Data Sense to clone an ONTAP volume, but include only selected files from the source volume in the new cloned volume. This is helpful for situations where you’re migrating data and you want to exclude certain files, or if you want to create a copy of a volume for testing.

GCP Marketplace subscription for Cloud Manager now includes support for Cloud Data Sense

The GCP Marketplace subscription for Cloud Manager now includes support for Cloud Data Sense. Now you can use this pay-as-you-go (PAYGO) subscription to scan data from Cloud Volumes ONTAP systems deployed on Google Cloud storage in addition to using a BYOL license from NetApp.

Ability to view the status of your long-running compliance actions

When you run an action from the Investigation Results pane across many files, for example, deleting 50 files, the process can take some time. Now you can monitor the status of these asynchronous actions so you’ll know when it has been applied to all files.

Two additional types of personal data can be identified by Data Sense

Data Sense can now find the personal data types "British Passport" and "National Health Service (NHS) Number" in files. See the list of all personal data types that Data Sense finds in scans.

New Filter to show the files that belong to specific types of working environments

When filtering data in the Data Investigation page, a new filter for “Working Environment Type” has been added. This allows you to filter the Results for Cloud Volumes ONTAP systems, FSx for ONTAP systems, on-premises ONTAP systems, and more.

7 November 2021

Now you can choose to map or classify individual volumes in your working environments

In the past you could either map all volumes or map & classify all volumes in each working environment. Now you can choose to map or map & classify individual volumes. This option is available for Cloud Volumes ONTAP volumes, ANF volumes, on-prem ONTAP volumes, and FSx for ONTAP volumes.

Data Sense can copy files from a data source to a destination NFS share

You can copy any source files that Data Sense is scanning to a destination NFS share. This is helpful if you want to make a copy of certain data and move it to a different NFS location. Learn more.

Ability to scan data protection volumes on FSx for ONTAP file systems

Now you can scan data protection volumes on FSx for ONTAP file systems. Learn more.

New Filter to show files by the date range when Data Sense first discovered them

A new Filter in the Investigation page called "Discovered Time" enables you to view files by the date range when Data Sense first discovered the files. Discovered Time has also been added to the File Details page and to reports that you output in CSV format for a file.

SOC 2 Type 2 certification

An independent certified public accountant firm and services auditor examined Cloud Data Sense and affirmed that it has achieved SOC 2 Type 2 reports based on the applicable Trust Services criteria.

4 October 2021

Support for BYOL licensing from NetApp

In addition to licensing Data Sense through your cloud provider marketplaces, now you can purchase a bring-your-own-license (BYOL) from NetApp that you can use across all your working environments and data sources in your Cloud Manager account.

Support for the Google Cloud Platform

Now Cloud Data Sense can scan data from your Cloud Volumes ONTAP systems that are deployed on GCP. Data Sense must be deployed on GCP, and the Connector must be deployed on GCP or on-premises. The GCP service account associated with the Connector needs the latest permissions to deploy Cloud Data Sense to GCP.

Ability to scan CIFS volumes on FSx for ONTAP file systems

Data Sense can now scan CIFS volumes from FSx for ONTAP systems. See how to scan Amazon FSx for ONTAP volumes.

2 September 2021

Ability to scan NFS volumes on FSx for ONTAP file systems

Added support for scanning data on NFS volumes on Amazon FSx for ONTAP systems. See how to configure scanning for your FSx for ONTAP systems.

Data Sense "Status" entries have changed to "Tags" entries

The capability to add "Status" information to your files using Data Sense has changed terminology to "Tags". These are file level tags - not to be confused with resource level tagging that can be applied to volumes, EC2 instances, virtual machines, etc. Learn more about file-level tags.

1 August 2021

Ability to manage file settings for multiple files at a time

In earlier versions of Cloud Data Sense you could perform the following actions on one file at a time: add a status tag, assign a user, and add an AIP label. Now you can select multiple files from the Data Investigation page and perform each of these actions on multiple files.

Governance dashboard shows data by when it was created or by when it was last accessed

When viewing the Age of Data graph in the Governance dashboard, in addition to viewing data based on the last time it was modified, now you can view the data by when it was created or by when it was last accessed (when it was read). This information is provided in the Data Mapping Report as well.

Ability to use multiple hosts for additional processing power when scanning large configurations

When deploying Data Sense on-premises, now you can install scanning software on additional on-prem hosts when you plan to scan configurations that include petabytes of data. These additional scanner nodes provide increased processing power when scanning very large configurations.

7 July 2021

Data Sense can move files from a data source to a destination NFS share

A new feature enables you to move any source files that Data Sense is scanning to any NFS share. This allows you to move sensitive or security-related files to a special area so you can do more analysis.

Ability to quickly categorize data instead of performing a full classification scan

You can now choose to quickly map data into categories instead of doing a full classification scan. This enables you to view the Data Mapping report from the Governance Dashboard to get an overview of your data when there are certain data sources that you do not need to run a complete scan on.

Ability to assign files to Cloud Manager users

Now you can assign a file to a specific Cloud Manager user so that person can be responsible for any follow-up actions that need to be done on the file. This capability can be used with the existing feature to add custom Tags to a file.

A new Filter in the Investigation page also enables you to easily view all files that have the same person in the "Assigned To" field.

Ability to use a smaller Cloud Data Sense instance

Some users with smaller scanning requirements have asked to be able to use a smaller Cloud Data Sense instance. Now you can. There are some limitations when using these smaller instances, so see what these restrictions are first.

Ability to perform slow scans

Data scans have a negligible impact on your storage systems and on your data. However, if you are concerned with even a very small impact, you can configure Data Sense to perform "slow" scans now. See how.

Data Sense tracks the last time a file has been accessed

The Last Accessed Time value has been added to the File Details page and to reports that you output in CSV format so you can see when users have last accessed the file.

7 June 2021

Cloud Compliance has been renamed as Cloud Data Sense.

Cloud Compliance has been renamed as Cloud Data Sense as of this release. With all the new Governance and other capabilities that have been included in the product, the Compliance name was not promoting the full set of capabilities.

New "Full Data Mapping" report is available from the Governance Dashboard

A new Full Data Mapping report is available from the Governance Dashboard to provide an overview of the data being stored in your corporate data sources to assist you with decisions of migration, back up, security, and compliance processes.

The report provides overview pages that summarize all your working environments and data sources, and then provides a breakdown for each working environment. Go here for more details.

New filter in the Investigation page to view all duplicated files

A new filter in the Data Investigation page enables you to view a list of all files that are duplicated across your storage systems. This is helpful to identify areas where you can save storage space, or identify files that have specific permissions or sensitive information that you do not want duplicated across your storage. See how to viewing all duplicated files.

Data Sense can add custom Tags to files for organization

You can add a custom Tags to files that Data Sense is scanning. The Tag is not added to the file in the same way as AIP Labels are added. The Tag is just seen by Cloud Manager users so you can indicate if a file needs to be deleted, or checked for some reason. See how to apply and view Tags in your files.

A new Filter in the Investigation page enables you to easily view all files that have a Tag assigned.

Ability to scan .DCM and .DICOM files

Cloud Data Sense can scan for Personal Identifiable Information (PII) in two additional types of files: .DCM and .DICOM.

Data Sense now tracks additional attributes of files

The File Size, Created Date, and Last Modified Date values have been added to reports that you output in CSV format. Created Date is also a new Filter you can use to narrow down Investigation page search results.

5 May 2021

Ability to scan data stored on Azure Blob

Scanning of data stored on Azure Blob is now supported when using the MinIO service. See Scanning object storage that uses S3 protocol for details.

Additional type of personal data can be identified by Data Sense

Cloud Data Sense can now find Austrian SSNs in files.