Handling of sensitive data
The Data Intelligence Service (DIS) handles inventory data related to companies and their users. However, DIS does not store any company- or tenant-specific information. It is not possible to determine which company or tenant is the source of the inventoried data.
Company and user information
User information is removed during file processing in Snow Update Service (SUS). If user information appears in the user’s file path, the user information is removed. For example, if a file path is C:/Users/myname/…
it becomes :/Users/{User}/…
.
However, there are limitations:
-
Removal of the user information only applies to Windows OS with an English language framework.
-
If you include company information in a file path, the information is present in the DIS database in the executable file path information of the software row, for example, company name. In this case, company information cannot be removed as it is required for recognition.
Exclude data from inventory
If you have strict regulations on data that cannot leave your company, you can configure the Snow Inventory Agents to exclude the folders containing such data from the scan of the computer file system. Since the folders are excluded from the scan, the data in the folders will not be inventoried, and it will not be included in the data normalization process.
Normalization logic for software data
Data on devices that are scanned by Snow Inventory Agents’ default scanning methods, that align with the data information inventoried, is transferred to the DIS database. If this includes a company name in a file path, this information is transferred to the DIS database. However, DIS only creates normalization logic for software data that is publicly available. DIS does not create normalization logic for software data used for bespoke software.