DATA RECON 2.0.25

Databases

Databases can be scanned in two ways:

File-based Scan

(Not recommended) The data storage files of a database can be scanned directly. Performing a Local Storage scan on a database server automatically picks up data storage files and scans them for sensitive data.

Scanning data storage files may run into the following issues:

  • Matches from ghost records or slack space may be found, instead of only data that can be queried from the database.
  • The data storage files may be locked by a database that is running.

To avoid these issues, perform a live database scan.

Live Database Scan

A live database scan is run by querying the database directly to search for sensitive data.

Supported Databases and Requirements

The following databases are supported:

Database Requirements
MySQL
  • DATA RECON Advanced Edition
Microsoft SQL Server 2005 and above
  • DATA RECON Advanced Edition
PostgreSQL 9.5 and above
  • DATA RECON Advanced Edition
Oracle Database 9 and above
IBM DB2 11.1 and above
Sybase/SAP Adaptive Server Enterprise (ASE) 15.7 and above

Remediating Matches

DATA RECON does not modify data in the databases it scans. As a result, direct remedial action is unavailable for matches found in a live database scan.

You can, however, mark matches for manual remedial action. See Remediating and Marking Matches for more information.

Add Credentials

Your database credentials must have SELECT (data reader) access to the database resources to be scanned.

To add credentials for a database search location, click No usernames or passwords in the DATA RECON dashboard.

In the Search target credentials dialog box:

  1. Click + Add and select one of the following:
    • MySQL
    • Oracle
    • Microsoft SQL
    • IBM DB2
    • PostgreSQL
    • Sybase
  2. Fill in the following fields:
    • Target location: Enter the database server hostname.
    • Username: Enter your user name.
    • Password: Enter your password.
      Credentials are only saved if:
  3. (Optional) Under Encrypt credentials, enter a master password to encrypt stored credentials.
  4. Click Ok.

Add Databases to Search Locations

In the main menu, click Search all local files to open the Search targets dialog box.

In the Search targets dialog box:

  1. Click + Add.
  2. Select Databases.
  3. Select one of the following and click + to expand the selection:
    • MySQL
    • Oracle
    • Microsoft SQL
    • IBM DB2
    • PostgreSQL
    • Sybase
  4. In the Add database server field, enter the database server host name as hostname[:port].
    Specify a port if the database server is not using a default port. For more options, see Database Connection Options below.
  5. Press Enter to add the specified database server as a search location.
  6. (Optional) Click + to expand the added database server and select specific resources to scan.
  7. Click Select and then Ok to finish adding the location.

Database Connection Options

Oracle Database

Connect using a fully qualified domain name (FQDN)

When adding an Oracle Database as a search location, you may need to enter the FQDN of the database server instead of its host name.

Oracle 12x/TNS: protocol adapter error

If you are using Oracle 12x, or if the Oracle database displays a "TNS: protocol adapter error", you must specify a SERVICE_NAME.

Add the service name to the database server host name:
<hostname(SERVICE_NAME=<SID>)[:port]>[/catalog[/table]]

For example:
db_server(SERVICE_NAME=GLAB)/catalog_A/table_1

Microsoft SQL Server

Scan a specific SQL Server instance (where multiple are running):
<hostname(instance=<instance_name>)[:port]>

For example:
db_server(instance=mssql_instance_1)

Sybase/SAP ASE

Scan a specific Sybase instance (where multiple are running):
<hostname(instance=<instance_name>)[:port]>

For example:
db_server(instance=sybase_instance_1)
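
The target-string forms shown above can be checked in bulk before they are typed into the Add database server field, for example when a list of scan targets is kept in an inventory file. The following is an added example, not part of the DATA RECON product or its documentation. The function name parse_target, the database type labels, the accepted character sets, and the assumption that the /catalog/table suffix and the single parenthesised option follow the same layout for every database type are all assumptions drawn from the forms on this page.

```python
import re

# Grammar assumed from the forms shown on this page:
#   hostname[(KEY=value)][:port][/catalog[/table]]
# KEY is limited to the two options the page documents.
_TARGET = re.compile(
    r"^(?P<host>[A-Za-z0-9_.-]+)"
    r"(?:\((?P<key>SERVICE_NAME|instance)=(?P<value>[A-Za-z0-9_.$#-]+)\))?"
    r"(?::(?P<port>\d{1,5}))?"
    r"(?:/(?P<catalog>[^/()\s]+)(?:/(?P<table>[^/()\s]+))?)?$"
)

# Which option each database type accepts, per the sections above.
# The type labels themselves are hypothetical names used only in this example.
_ALLOWED = {"oracle": "SERVICE_NAME", "mssql": "instance", "sybase": "instance"}


def parse_target(db_type, target):
    """Split a search-location string into its parts, or raise ValueError."""
    m = _TARGET.match(target.strip())
    if m is None:
        raise ValueError(f"not a valid target string: {target!r}")
    parts = m.groupdict()
    # Reject an option that the page does not document for this database type.
    if parts["key"] and _ALLOWED.get(db_type) != parts["key"]:
        raise ValueError(f"{parts['key']} is not documented for {db_type}")
    if parts["port"] is not None:
        parts["port"] = int(parts["port"])
        if not 1 <= parts["port"] <= 65535:
            raise ValueError(f"port out of range: {parts['port']}")
    return parts


if __name__ == "__main__":
    # Constructed inventory; the first three strings are the page's examples.
    inventory = [
        ("oracle", "db_server(SERVICE_NAME=GLAB)/catalog_A/table_1"),
        ("mssql", "db_server(instance=mssql_instance_1)"),
        ("sybase", "db_server(instance=sybase_instance_1)"),
        ("mysql", "db_server:3307"),
        ("mysql", "db_server(instance=x)"),  # rejected: option not documented for MySQL
        ("oracle", "db_server:99999"),       # rejected: port out of range
    ]
    for db_type, target in inventory:
        try:
            print(db_type, parse_target(db_type, target))
        except ValueError as err:
            print(db_type, "REJECTED:", err)
```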