How to integrate Safetica 10 with data analysis tools

Learn how to use data from DLP logs to enhance Safetica reporting capabilities.

Information in this article applies to Safetica 10 or older.

This feature is only available for Safetica Enterprise.

Safetica 10 can use its data analytics API to integrate with third-party data analytics tools (such as Power BI, Tableau, and others), so that you can create more flexible reports.

The admin can connect their Safetica database to their data analytics tool and retrieve analytical data from Safetica DLP logs. If they have other data sources connected to the tool as well (e.g. their company HR system), they will be able to group the info from the logs into any organizational structure tailored to their needs.

To make the integration even easier, Safetica provides their customers with 2 pre-defined report templates – the Activity Dashboard focused on user activities and the Data Security Dashboard.

In this article you will learn:

How to integrate Safetica with a data analytics tool

Integration can be done either automatically or manually, depending on your database account permissions.

Automatic database integration

If your SQL server was installed and configured by Safetica, you can integrate your database automatically via Safetica Management Console. You just toggle a switch and log into your data analytics tool with a new database account and password:

If the switch is grayed out, either ask for the appropriate permissions or perform manual database integration.

1.  Go to Safetica Management Console > Profile > Server settings.

2.  In the Data analytics section, switch the Data analytics integration toggle to Enable.

3.  You will then be asked to create a password for your new database account.

4.  Click Finish at the bottom of the screen.

Afterwards, a script is run that creates a database schema, database views, and a database account via which you can access the data. The database account will use the following credentials:

                Username: safetica_da

                Password: the one you created in step 3.

The new account has read-only permissions and can only access the created database schema.

5.  After the script finishes and the database account is created, you can open your data analytics tool and add a new data source. After filling in your credentials (see step 4), the database is connected, data is loaded, and you can start creating a report. You can either use one of our report templates or create your own visualization of the data.

You can download our report templates here.

Details necessary to create your own visualization can be found here.

Manual database integration

If you installed your own database and use your own permissions, you must run the script and enable the integration manually:

Open the command line and run the following commands with the appropriate permissions:

      EXEC [pbi].[create_da_user] @password = N'your_password'

      EXEC [pbi].[enable_pbi]

The strength of the password must correspond to your SQL server configuration.

After the script finishes, see step 5 in Automatic database integration.

 

If you would like to delete the account:

Open the command line and run the following command with the appropriate permissions:

EXEC [pbi].[delete_da_user]

Sample report templates

There are two report templates you will get from Safetica - the Activity Dashboard and the Data Security Dashboard. You just have to connect them to your database and populate them with data from your DLP logs.

An example of how to connect your report templates to Safetica database in Power BI can be found here.

You can download our report templates here.

Activity Dashboard

This report template focuses on user activity and remote work and you can filter it by time range, activity type, or departments.

The Activity Dashboard is divided into 3 sections:

  1. Departments – you can see at first glance the overall productivity of all your users or of individual company departments.
  2. Activities – focuses on specific applications and websites and highlights those that might create problems in the protected perimeter. You can see the most common productive and nonproductive activities.
  3. Work report – this report can be used for remote work control during home office time. You can see for how long individual users have been logged into their computers – and for how long they have been actively using them.

An example of Activity Dashboard in Power BI:

Data Security Dashboard

This report template is based on file operation logs. Only outgoing files are taken into account.

The Data Security Dashboard is divided into 3 sections:            

  1. Dataflow – you can see which files are leaving and where (RDP, Web, E-mail, IM, USB, etc.) and also their sizes (small, medium, large). You can filter time range, individual channels, and file types. You can also switch between displaying all files or just sensitive files (i.e. files that have a data category assigned).
  2. Network shares – an overview of what file types can be found on which network shares. This section can also be filtered by time range, file type, and sensitivity.
  3. Risky operations– in this section, you can see operations marked as risky by Safetica. You can filter out only sensitive files or specific users, so you get a detailed overview of what is going on with sensitive data in your company. Risky operations are highlighted, and you can see how many of them were performed.

An example Data Security Dashboard in Power BI: