Data Sensitivity

Data sensitivity indicates whether the data in an asset is sensitive. Data is considered sensitive when the asset contains, for example:

  • Credentials, such as private keys or secret access keys

  • Financial information, such as credit card numbers or bank account numbers

  • Sensitive personal information, such as health insurance or medical identification numbers

The risk score takes the data sensitivity of your assets into account and classifies each asset as one of:

  • Sensitive - The asset contains sensitive data.

  • Not sensitive - The asset does not contain sensitive data.

  • None - CloudGuard cannot calculate the data sensitivity of the asset based on the available information.

CloudGuard assigns one of these Data Classification categories to each asset:

  • PII (Personally Identifiable Information)

  • PCI (Payment Card Industry)

  • PHI (Protected Health Information)

  • Credentials

  • Other

The table below shows the sources that CloudGuard uses for the data sensitivity classification.

| Platform | Asset Type | Sources for Data Classification |
|---|---|---|
| AWS (Amazon Web Services) | S3 bucket | Amazon Macie. CloudGuard uses the sensitivity score calculated by Amazon Macie to find the data sensitivity of the S3 bucket. |
| Azure | Storage Account, Cosmos DB Account, PostgreSQL, MySQL DB Single Server, SQL Server | Microsoft Purview. For each Microsoft Purview account that you connect to CloudGuard, you must grant a Data Reader role in Root Collection to the App Registration that you created during CloudGuard onboarding. |