Heatmap Configuration
Overview
The Heatmap feature is used to calculate the risks of certain areas of the Datamap. The results of the heatmap configurations, which can be configured by users, will be depicted on graphs for easy understanding and analysis.
Meru's Data Governance Tool has 2 types of Heatmaps: Decision Tree and Weighted Average, depending on how the rules are configured and their scores are calculated.
To use Heatmap, follow these steps:
- From the hamburger menu present on the left of the screen, click on Datamaps.
 

- On the Datamaps page, click on Heatmap Configuration.
 

- The 2 kinds of Heatmap configurations will be visible here.
 

Weighted Average Configuration
To create a Heatmap using the weighted average configuration, follow these steps:
- On the Heatmap Configuration page, click on Weighted Average Config.
 

- On the Weighted Average Config Screen, click on the Add button to create a new rule config.
 

- A new Rule will appear, add your rule configuration here.
 

Category: Domain users can title the category of the rule based on their requirements.
Datamap Field: From the drop-down, select the Datamap fields that affect or define the category. For example, if the category is Security, then from the drop-down select the Datamap fields that define/affect Security. Or if the category is Privacy, the field Personal Information can be selected as it could affect privacy.
Query: There are 3 possible queries: Boolean, Keyword and Range. Examples of each are given below.
Match Count: The number of actual keywords in the field that match with the rule configuration. This is only applicable to Keyword Query.
Weight: The weight of the risk as defined by the domain user. The weight value is multiplied by the Found Value.
Found Score: The score if the value of the query matches with the value in the field.
Not Found Score: The score if the value of the query does not match with the value in the field.
Null Score: The score if there is no value present in the datamap field.
Action: The rule can be deleted by clicking on the delete icon against that rule.

Boolean Query -- This query is used when the value of the Datamap field is either Yes or No. The example below depicts a Boolean query.

In this example, the risk category is Privacy and here privacy is affected by whether Personal Information exists in the system and whether the CCPA is followed.
In this first rule, the value of the Query is "No", the Found Score is "5" and the Weight is "5", meaning that if the value found in the CCPA field is No, then the score of the Privacy risk will be 25; Weight x Found Score, 5 x 5.
If the value in the CCPA field is not "No" (as defined by the Query) then the score of the Privacy risk will be 5; Weight x Not Found Score, 5 x 1.
If there is no value in the CCPA field, then the score of the Privacy risk will be 15; Weight x Null Score, 5 x 3.
Interpretation: If the systems are not CCPA compliant, then the privacy risk is highest compared to the other two scenarios (Found Value = "No", then Privacy risk score is 25). In other words, if the CCPA field has the value "No" then that system is at a higher privacy risk.
In the second rule, the value of the Query is "Yes", the Found Score is "5" and the Weight is "2", meaning that if the value found in the Personal Information field is Yes, then the score of the Privacy risk will be 10; Weight x Found Score, 2 x 5.
If the value in the Personal Information field is not "Yes" (as defined by the Query) then the score of the Privacy risk will be 0; Weight x Not Found Score, 2 x 0.
If there is no value in the Personal Information field, then the score of the Privacy risk will be 6; Weight x Null Score, 2 x 3.
Interpretation: If the systems hold Personal Information, then the privacy risk is highest compared to the other two scenarios (Found Value = "Yes", then Privacy risk score is 10). In other words, if the Personal Information field has the value "Yes" then that system is at a higher privacy risk.
*Note: Here the Match Count field is invalid; any value entered in this field will not impact the score.
Keyword Query -- This query is used when the values in the Datamap field are in the form of multiple keywords. The example below depicts a Keyword Query.
In this example, the risk category is Privacy and here privacy is affected by the different Document Types present in the system.
*Note: Values entered in the Query field should be separated by commas as shown in the example.
In this rule, the values of the Query are -- "Bank Statements, invoices and resumes". The Match Count is "2", the Weight score is "4" and the Found score is "4". This means that if any 2 (Match Count) of the Query values are found in the Document Types field, then the score of the Privacy risk will be 16; Weight x Found Score, 4 x 4.
If fewer than 2 of the values found in the Document Types field match the query, then the privacy risk score will be 12; Weight x Not Found Score, 4 x 3.
If there are no values in the Document Types field, then the score of the Privacy risk will be 4; Weight x Null Score, 4 x 1.
Interpretation: If the systems contain 2 or more of the Document Types defined in the query, then the privacy risk is higher compared to the other two scenarios (Match Count = 2, Found Value = 4, then privacy risk score is 16). In other words, if the Document Types field has 2 or more of the values defined in the query, then that system is at a higher privacy risk.
Range Query -- This query is used to define a numerical range when the values in the Datamap fields are numbers. The example below depicts a Range Query.
In this example, the risk category is Security and here security is affected by the size of the system.
In this rule, the value of the Query is > 50, the Found Score is 5 and the Weight is 4, meaning that if the value found in the Size field is greater than 50, then the score of the Security risk will be 20; Weight x Found Score, 4 x 5.
If the value in the Size field is less than or equal to 50, the Security risk will be 4; Weight x Not Found Score, 4 x 1.
If there is no value in the Size field, then the Security Risk will be 0; Weight x Null Score; 4 x 0.
Interpretation: If the size of the Systems is greater than 50, then the privacy risk is higher compared to the other two scenarios (Found Value = 5, then privacy risk score is 16). In other words, if the Size fields have values above 50, e.g., 60 or 83, then that system is at a higher security risk.
The range query can include different conditions. Examples are:
- Less than: <50
- Greater than: >50
- Less than or equal to: <=50
- Greater than or equal to: >=50
- And conditional: >=50 and <=60
- Or conditional: <=50 or >=60
Note: The operation should always precede the number
Note: Scores can be configured in negative digits and decimal points. An example is given below.
- To recreate any rule config, click on the Duplicate Rule button at the bottom of the page.
 

- After making any changes/modifications to the rule, the Revert Scores button can be used to bring back the previously calculated scores (the scores before the latest changes were made). However, this only brings back the last score; it cannot be used to bring back any scores before the last score.
 

- The Generate Scores button in the Weighted Average Config tab is a functional control used to calculate and display score values based on the rules and weights configured in the table.
 
It processes each entry by evaluating: Query results, Match Count, and Assigned Weight.
Using this data, it generates: Found Score, Not Found Score and Null Score.

Viewing the Weighted Average Heatmap:
The Weighted Average Heatmap is located on the Datamaps page, above the Data Types graph.

- Click on the Weighted button.
 

- Next, from the Category drop-down, select the risk category you configured.
 

- The Weighted Average Heatmap that you configured will now be visible here.
 

- The systems that have a higher privacy risk score (as per the Boolean query example above) will be displayed higher up on the graph in red. The systems with the lowest privacy risk scores will be displayed at the bottom of the graph in green. Hover over any of the circles to view the system name and the score of that system.
 
- View only required systems on the graph by selecting those systems from the Select Systems drop-down.
 

- On doing so, only the selected systems will be visible on the graph.
 

- The scores of individual systems can be accessed by selecting the system from the Select Systems drop-down and then clicking on the Score Breakout button.
 

On doing so, the scores of each selected system will be displayed individually.

Here, in the case of the CCPA rule for the system Accurate, we see that the Actual Value (the actual value found in the System Field) was "Yes".
This means that the Not Found Score is considered, as the Query specified "No" and the Actual value found was "Yes".
Hence the privacy risk score is 5; Weight x Not Found Score, 5 x 1. This is reflected in the Overall Score Field.
Here we can see that the Actual Value is "Yes", the Actual Score therefore is taken as 1 (Not Found Score) and the Overall Score is 5.
The Overall Score of the Personal Information rule is 6 (Weight x Null Score, 2 x 3).

Here we can see that there is no actual value in the field and hence the Null Score applies to the rule.
The total privacy risk score for the system Accurate is the addition of the Overall Scores of each rule; here it is 5 + 6 = 11.
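The scoring arithmetic from the Boolean, Keyword and Range query examples and the Score Breakout total above, reproduced as an added Python sketch (this is not Meru's code). The rule dictionary layout, the function names, case-insensitive matching and a comma-separated Document Types value are assumptions; the weights and scores are the ones used in the examples on this page.

```python
import operator
import re

OPS = {"<": operator.lt, ">": operator.gt, "<=": operator.le, ">=": operator.ge}

def range_match(query, value):
    """Evaluate a range query such as '>50' or '>=50 and <=60' against a number."""
    def term(text):
        m = re.fullmatch(r"(<=|>=|<|>)\s*(-?\d+(?:\.\d+)?)", text.strip())
        if not m:  # the operator must precede the number
            raise ValueError(f"bad range term: {text!r}")
        return OPS[m.group(1)](value, float(m.group(2)))
    # 'or' separates alternatives; every 'and' term inside one alternative must hold
    return any(all(term(t) for t in re.split(r"\band\b", part))
               for part in re.split(r"\bor\b", query))

def rule_score(rule, value):
    """Weight x (Found | Not Found | Null score) for one rule and one field value."""
    if value is None or str(value).strip() == "":
        return rule["weight"] * rule["null"]
    query = rule["query"]
    if rule["type"] == "boolean":
        hit = str(value).strip().lower() == query.strip().lower()
    elif rule["type"] == "keyword":
        wanted = {k.strip().lower() for k in query.split(",")}
        present = {k.strip().lower() for k in str(value).split(",")}
        hit = len(wanted & present) >= rule["match_count"]
    else:  # range
        hit = range_match(query, float(value))
    return rule["weight"] * (rule["found"] if hit else rule["not_found"])

def system_score(rules, record):
    """Total category score: the sum of the Overall Scores of each rule."""
    return sum(rule_score(r, record.get(r["field"])) for r in rules)

# Rule values taken from the examples on this page (dict layout is an assumption).
CCPA = dict(field="CCPA", type="boolean", query="No",
            weight=5, found=5, not_found=1, null=3)
PERSONAL_INFO = dict(field="Personal Information", type="boolean", query="Yes",
                     weight=2, found=5, not_found=0, null=3)
DOC_TYPES = dict(field="Document Types", type="keyword", match_count=2,
                 query="Bank Statements, Invoices, Resumes",
                 weight=4, found=4, not_found=3, null=1)
SIZE = dict(field="Size", type="range", query=">50",
            weight=4, found=5, not_found=1, null=0)
# Constructed record mirroring the Score Breakout for the system Accurate.
ACCURATE = {"CCPA": "Yes", "Personal Information": None}

if __name__ == "__main__":
    print(system_score([CCPA, PERSONAL_INFO], ACCURATE))
```
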
- The total privacy risk score of the system Accurate is reflected in the Heatmap.
 
Further, the Heatmap score can also be found on the System details page of the System. To locate the Heatmap score on the System Details page:
Go to the system in question. You can do so by clicking on the circle for that system on the Heatmap. In the above example, we clicked on Accurate and were navigated to the System Details page for Accurate.
Here open the System Details tab of that System.

- On the System Details tab, scroll down to find the Weighted Heatmap fields.
 
- Here we can find the different weighted heatmaps configured. The title of the field will be as follows: Weighted + Category Name + Heatmap.
 
The privacy heatmap we configured, with the overall score, is seen here.