Handling of sensitive data

The Data Intelligence Service (DIS) handles user- and company-related sensitive data to secure the organization's data privacy.

Description

DIS does not upload or host any company or tenant-specific information. It is not possible to determine which company or tenant is the source of data inventoried.

Company and user information

User information is removed during file processing in Snow Update Service (SUS). If user information appears in the user’s file path, the user information is removed. For example, if a file path is C:/Users/myname/…, it becomes :/Users/{User}/…

However, there are limitations:

  • Removal of the user information only applies to Windows OS with an English language framework.

  • If you include company information in a file path, the information is present in the DIS database in the executable file path information of the software row, for example, company name. In this case, company information cannot be removed as it is required for recognition.

Exclude data from inventory

If you have strict regulations on data that cannot leave your company, you can configure the Snow Inventory Agents to exclude the folders containing such data from the computer file system scan. Since the folders are excluded from the scan, the data in the folders will not be inventoried, and it will not be included in the data normalization process.

Normalization logic for software data

Data on devices that are scanned by Snow Inventory Agents’ default scanning methods, that align with the data information inventoried, is transferred to the DIS database. If this includes a company name in a file path, this information is transferred to the DIS database. However, DIS only creates normalization logic for software data that is publicly available. DIS does not create normalization logic for software data used for bespoke software.