Do you know where your sensitive data is? If you can't answer a definitive "yes," then maybe it's time to conduct a data discovery exercise to see if your organization has unencrypted sensitive data in vulnerable places.
If you are old enough, you probably remember a series of public service announcements on TV that went something like this: "It's 10 p.m. Do you know where your teenager is?" It was an effective way to alert parents that they should keep tabs on the important people in their lives.
I'm going to borrow from that PSA and ask, "It's 2013. Do you know where your sensitive data is?"
Many CIOs get uneasy with the answer to that question. Increasingly, the answer is, "No, not always." It seems these days sensitive information could be anywhere -- on servers, desktops, laptops, smartphones or tablets, or even in the cloud. This is a big concern for companies of all sizes and in all industries. It's too easy for sensitive data to be leaked, breached or stored in a location that violates regulations and compliance requirements.
STEALTHbits Technologies just released a new low-cost product that's part of its StealthTOOLS portfolio. StealthSEEK is designed to mitigate security risks associated with unstructured data by assessing the risk of data at rest in Microsoft infrastructures, including servers, shares, desktops and laptops. As of this writing the product doesn't work on mobile devices but it can work against file systems in the cloud.
STEALTHbits has experience in large enterprise assessment of infrastructure and the associated file systems. The company parlayed its file scanning technology into an easy-to-use tool for data discovery. You can download and install StealthSEEK and have results in minutes. This is very unlike the data discovery tools that are part of traditional data loss prevention (DLP) solutions that are far more expensive and resource-intensive to acquire and implement.
StealthSEEK performs two important data governance functions. First, it assesses the risk an organization has of data being exposed due to excessive access rights. For example, if there is a file share where everyone in the organization has access rights, the risk is high that someone will access the data inappropriately. A high-risk score indicates that access permissions may need to be tightened. You can do additional risk profiling as you continue to analyze the data according to its content.
Next, StealthSEEK locates sensitive data at rest based on search parameters. You can use defined search sets or customize your own. For example, you can look for Social Security numbers, credit card numbers, or proprietary information such as product or project information. The scanning engine can open and assess more than 440 file types. It can even get into archives and PST files and use keywords and conditions to search for specific content within these resources.
I mentioned that StealthSEEK is low-cost. There are two pricing models and you can choose the one that meets your needs. The first model is pay-as-you-go. It's free to download the software, but you pay to unlock the search results. What you pay is based on how much data you scan. This model makes it easy to try the product to see if it does what you need it to do before making a bigger investment. STEALTHbits even gives you credits to cover the cost of your first scan. The second pricing model is a simple perpetual license that allows you to scan as much data as you want, as often as you need to.
StealthSEEK is a standalone product but STEALTHbits plans to embed the functionality into its enterprise product StealthAUDIT to provide a broader range of capabilities.
One use case for StealthSEEK is as a pre-audit check of how locked down your sensitive data is. For example, if you're facing a PCI audit, the QSA (qualified security assessor) is going to look for unencrypted sensitive cardholder data in places where it shouldn't be. You could use StealthSEEK to conduct this search before the audit to see if you have unsecured data in inappropriate places, and thus give yourself a chance to remedy the situation before the QSA gives you failing audit results.
Victor Delgado is the senior lead microcomputer/LAN administrator in the Provost Information Technology Office at Texas A&M University. Delgado's group governs about 40 administrative (non-academic) departments at the university. They look after a variety of student data, health data and enrollment data. Because of state and internal regulations, Delgado's office has to monitor the locations of data that they define as sensitive, and then make sure that data gets encrypted and is adequately protected. "We have to make sure we know where the data is and that it's protected according to all the policies and laws we have to follow," Delgado says.
This team uses StealthSEEK in order to discover where the data is and to identify if they've actually got sensitive data there. If so, they are then able to move that data to a different location in the network and automatically encrypt it. Ordinarily this process would require a lot of manual intervention and a lot of work to step through the process, but the combination of StealthSEEK and StealthAUDIT helps the university automate much of the process.
Delgado says that StealthSEEK allows his team to do certain tasks that no other discovery product does so easily or quickly. For example, they can scan for medical information by simply listing the words they want to scan for, like immunizations or certain drugs. This allows them to see where they have medical data residing. "It has a really open pattern matching regular expression system where, for example, if we're looking for a specific value, we can either use the predefined sets that come with StealthSEEK or customize those quickly and easily. This is a nice feature," says Delgado.
"StealthSEEK has saved us a lot of time identifying files, moving files, securing files," he says. "Admins don't want to be doing this all the time. We want to reduce the time between having a file out there created with protected data and getting it to the end goal of securing it, locking it down, and putting it in the right location. Mainly what StealthSEEK has done is shorten that time between getting data on the network and getting it to the state it needs to be in."
If you think you might like to find out how well this data discovery tool works in your environment, you can download it at http://stealthbits.com/stealthseek. The first credits to unlock your initial scan are on the house from STEALTHbits.
Linda Musthaler is a principal analyst with Essential Solutions Corporation. You can write to her at LMusthaler@essential-iws.com.
About Essential Solutions Corp:
Essential Solutions researches the practical value of information technology, and how it can make individual workers and entire organizations more productive. Essential Solutions offers consulting services to computer industry and corporate clients to help define and fulfill the potential of IT.