How to find, protect, and secure your sensitive and high-value data

cybercrime

“We have so many files in our systems, we don’t know what we have, what the files contain, or who has access to the files.” – Most Organizations

Today, providing proper security of a company’s data is critically important. Companies face not only threats from unauthorized access internally and externally, but also must adhere to strict government regulations dealing with all data stored by a company, including unstructured data. The opening statement is one echoed by almost every organization during discussions about their challenges with their unstructured data. 

Unstructured data is the most abundant type of data by far and analysts estimate is growing at a rate of 30% per year. Unstructured data consists of human-generated files in the form of spreadsheets, PDFs, word processing documents and media.

These files can contain information on things like planning, sales proposals, intellectual property, and financial results - the daily and strategic lifeblood of an organization.

This data landscape is immense in many organizations and as a result appear to present an immense challenge without the right approach, tools, and structure of management. 

A major challenge with unstructured data is the nature of how files are used and stored in many different types of storage solutions that have complicated and often improperly managed security controls.

Unstructured data is located in many areas, including network file shares, collaboration solutions, cloud storage systems and email. A key challenge is understanding the controls associated with these systems and ensuring the controls are properly applied. 

Today, work is happening in many locations, and companies need to ensure the right employees have the right access to the right data in the right location, at the right time. If improper access permissions are not in place, one of two bad things will occur.

First, the wrong people have access to key data, and your organization is at risk. Second, when the right people don’t have access to the data they need, the organization is operating at less than efficient levels and people go out of band to share data, which can inherently put the data at risk.

The first step to solving a problem is to first understand the problem. A critical requirement for any organization to resolve these challenges is that they must first understand their unstructured data.

Understanding consists of two critical types of information. First, awareness of the sensitivity of what type of information is contained in the files. Second, understanding the identity of who has access to the data, the type of access they have to the data, and how they obtained this access to the data. Identity knowledge and integration is critical for a successful solution to solve data access governance challenges.

CyberRes, a Micro Focus line of business, has two very powerful solutions to solve organizations’ major unstructured data security requirements: Voltage File Analysis Suite Data Discovery and Voltage File Analysis Suite Data Access Governance. 

Voltage File Analysis Suite Data Discovery (FAS) allows organizations to identify and classify the contents of unstructured data. Knowing the type and content of your unstructured data is critical for business success and, more importantly, regulatory compliance. 

Voltage File Analysis Suite Data Access Governance (DAG) identifies access permissions and provides the means of security and access remediation. Now, not only can organizations understand what type of data is contained in the files organizations are storing, but organizations can also know who can access the files, their permissions to those files, and how those permissions were derived.

The Voltage DAG solution also contains many tools to ensure organizations have proper controls on their unstructured data. Integration with NetIQ’s Identity Governance ensures regular reviews of users’ data access controls. In addition to reporting access permissions, DAG can take needed corrective actions including moving data to more secure locations, archiving or deleting outdated files, and correcting access permissions. 

What is Voltage File Analysis Suite Data Access Governance?

Voltage Data Access Governance is an identity-based solution that allows organizations to gain visibility to the large amount of sensitive unstructured data, and enforce policies to control access to an organization’s unstructured data. DAG helps organizations gain visibility into their unstructured data no matter where it resides.

Combining the power of both products, Voltage FAS Data Access Governance and Data Discovery together, organizations can locate sensitive documents, move them to secure locations, remediate access permissions including changing group memberships, and be notified of changes or attempted changes in permissions.

Tied to the DAG action engine, policies take corrective action, monitor high-value targets, and notify you of potential security problems. Data Access Governance policies eliminate the complexities of managing and securing data in complex storage environments. These environments are intricate and provide too many opportunities for making costly mistakes – especially when performing difficult manual tasks. 

Voltage FAS Data Access Governance and Data Discovery provide the knowledge about files that can solve the common mistakes involving file retention, disposition, and access. Without proper insight and planning, even a simple adjustment of group membership can result in non-compliance. Appropriate application of product-driven data governance policies directly against prioritized high-value target data areas will result in automation of tasks with diminished risks and move the organization to a better security posture.

Voltage File Analysis Suite solutions, Data Access Governance and Data Discovery, provide organizations the confidence they need to take action on their unstructured data and secure the files correctly.