We are proud to announce that IBM StoredIQ InstaScan is generally available now! It was in August 2019, that the first release of IBM StoredIQ InstaScan made it to the market. In a nutshell this is what StoredIQ InstaScan allows you to do:
- Define sensitive data placement policies for your enterprise cloud data sources. IBM IBM StoredIQ InstaScan provides customers with a sample cartridge using which several key sensitive information can be detected. Using the indicators provided by the cartridge, you can define rules and combine those rules into complex policies. These policies specify what kind of information can be or cannot be stored on a particular data source. As an example, a financial service company can create a policy which states that no credit card numbers should be present in any documents stored on the public cloud.
- Identify risk hot spots using a Risk Assessment. The intention is to locate the high risk areas for clean up or get ready for a Compliance Check. Risk Assessment provides you an idea of the extent of risk for a particular data source with a given confidence level and acceptable error rate. It uses the technique of random sampling instead of analyzing the whole corpus, thus helping you finish the assessment in hours and days instead of weeks and months.
- Remediate the the high risk areas, if you have identified any. Note that this remediation is not part of the StoredIQ InstaScan product, but you can use other products like IBM StoredIQ to do the same.
- Once you have sufficient confidence that the data source is clean, certify the data source using Compliance Check. Compliance check uses the statistical method of Elusion Sampling to certify a data source as free of any policy violations.
You can read more about the capabilities and use cases supported by IBM StoredIQ InstaScan here: https://www.ibm.com/products/storediq-instascan
After the 1.0.0 release, InstaScan 1.0.1 was released on 30th September and version 1.0.2 was released on 29th November. Let us take a look at what are the major capabilities added to the product after the initial release.
Google Drive support
The 1.0.0 release of InstaScan supported four different cloud data sources, which are Box, Microsoft Exchange Online, Microsoft OneDrive, and Microsoft SharePoint Online. The 1.0.2 release added support for Google Drive, which means you can include documents stored on a Google Drive in your Risk Assessment and Compliance Checks. Note that Google native applications (Google Docs, Spreadsheets and Slides) are also supported by IBM StoredIQ InstaScan.
Scheduled Risk Assessments and Compliance Checks
In addition to a data steward manually running the Risk Assessment and Compliance Check against a data source, with StoredIQ InstaScan 1.0.2 release, you can schedule automated Risk Assessments and Compliance Checks. This would allow ensuring the compliance status of a data source is checked at regular intervals without manual intervention. Note that you have the ability to schedule Compliance Check alone, skipping the Risk Assessment, provided you are making reasonable efforts to maintain the data source free of policy violations.
In addition to the summary report that was available with the 1.0 release, InstaScan 1.0.1 release has added a new Policy violations summary report. This report provides you an overview of the Risk Assessment or Compliance Check such as the total number of documents analyzed, number of documents that were skipped, policies evaluated, policy violations found, percentage of files violating policies, all indicators found during the scan, etc. This summary report can be accessed from the dashboard or the scan progress page. In addition to the summary report, IstaScan 1.0.2 release has added a new Policy violation details report. This is a CSV report, that will give you the list of files where policy violations are found. The report will contain one row per file along with the kind of policy violations that were found in that document. This report will help data stewards to identify what is the exact policy violation inside the document.
Scan history page
In version 1.0.2, a new page with the summary of all current and previous jobs within the system is added. This is a quick and convenient way for a data steward to monitor the progress of all jobs running currently or quickly navigate to any historical jobs without navigating through the respective data source's page.
Export and import of rules and policies
If your organization runs separate StoredIQ InstaScan environments for production and non-production purposes (staging, development, testing, etc.) and you would like to share the rules and policies across these environments, then with the 1.0.1 version, it is possible to export the polices and rules from one environment and import them into another.
Deployment on OpenShift 3.11
RedHat OpenShift is a production ready Enterprise Kubernetes platform that provides additional security and scalability compared to native Kubernetes deployment. With the 1.0.1 release you can deploy IBM StoredIQ InstaScan on your enterprise's OpenShift platform. For encrypting the communication within the kubernetes cluster, you can also use Istio Service Mesh.
In addition to what is described here, a lot of incremental improvements are added to the product. You can see a list of the new capabilities here: https://www.ibm.com/support/knowledgecenter/en/SSFL6G_1.0.0/welcome/whatsnew.html
The trial version of StoredIQ InstaScan is also refreshed with release 1.0.2. If you are interested to try the capabilities offered by IBM StoredIQ InstaScan, you can get a trial version of the product free of cost by signing up here: https://www.ibm.com/products/storediq-instascan