Skip to content

Encryption and RTBF Policy

You need to create a policy with a mapping for the Right To Be Forgotten (RTBF) scheme.

The RTBF policy hides sensitive information such as user name and moves it into the quarantine folder. It scans for HDFS, S3, and ADLS applications and accepts .csv, .parquet, .orc, and .avro file formats.

Create a New Data Zone with Name RTBF#

Note

For more information about creating data zones and their types, see section Data Zones.

  1. In the Privacera home page, expand the Compliance Workflow menu and click on Data Zones from left menu.

  2. On the Data Zones page, click the + icon.

  3. Enter the Data Zone Name as RTBF.

  4. Enter the Description.

  5. Click Save.

The Data Zone is added.

Add RTBF Policy to Data Zone#

Add an RTBF policy to this Data Zone under the Policies tab.

  1. In the Data Zones page, select the created datazone and click the Policies tab.

  2. Click +Add Policy.

  3. Enter a required  Name.

  4. Enter the Description.

  5. Select the Type of policy as Right to Privacy. This changes the Source label as needed.

    <img src="../assets/image31.png" style="width:100%;height:auto;" />

  6. Select the Alert Level.

  7. Enable or Disable the Status of the policy.

  8. Select the required Application.

  9. Select Lookups: Application and Lookup File Location.

  10. If you want Literal Masking, select the Use LITERAL checkbox.

  11. Click Save.

The RTBF policy is created.

<img src="../assets/image32.png" style="width:100%;height:auto;" />

Add Resource to be Encrypted#

Add the resources that need to be encrypted under the Resources tab.

  1. In the Data Zones page, select the datazone and click the +Add Resource.

  2. Enter the required Application name.

  3. Enter the required Resource name.

  4. Click Save.

    The file format resource is added. You can also add table format resources, such as DB name and table name.

  5. Click the Re-evaluate checkbox for the resource to be encrypted.

  6. Click the soft refresh button to update completion status.

    After the checkbox is cleared, the encryption has completed.

  7. For AWS S3, go to File Explorer by clicking on the left menu and check for the encrypted data.

    <img src="../assets/image33.png" style="width:100%;height:auto;" />

  8. Original data can be viewed under the archive folder.

    <img src="../assets/image34.png" style="width:100%;height:auto;" />


Last update: July 23, 2021