Enterprise Data Discovery
Control Data Sprawl
Locate, Classify, Catalog & Protect Sensitive Data … Wherever it is
Make sure your data is secure before it multiplies throughout your organization
The growth of Big Data and new technologies bring an ever-increasing amount of data being used and stored all over the enterprise, including cloud storage apps. Confidential and compliance data resides on PC’s, file-shares, Exchange, PST, and OST files as well as off-premises in the cloud. Large amounts of data must be classified, protected, and monitored. File-level and Directory level access controls must be implemented, a task that manually is too difficult and time-consuming. Furthermore, one must identify both structured data such as PII, PHI, and PCI as well as unstructured data including intellectual property data assets. Often times such data appears in images that must be redacted (anonymized). GTB’s Data Discovery helps organizations locate and classify sensitive data, find out how it is being used, and protects it against loss, theft, or leakage.
What is GTB Data Discovery?
Highly rated by Gartner in their 2017 Magic Quadrant for Enterprise Data Loss Prevention, GTB’s Data Discovery DLP, a facet of GTB’s DLP that Works platform, can scan structured and unstructured data, protecting sensitive data residing in Local PC’s, Files-shares, Exchange, PST/OST files, SharePoint, and any ODBC compliant database. In addition, GTB Discovery can discover the same data in cloud services such as Box, Dropbox, Hosted Exchange, Azure, Office 365, OneDrive, SharePoint, and Google Drive. Scans can be run as a batch process with results sent to multiple event responders. Comprehensive enterprise reporting on file-owners, locations, file types, and actual DLP Policies are included.
Highlighted features:
- GTB’s Data Discovery does NOT require appliances or expensive servers.
- Deployed and managed by the GTB Central Console, an enterprise command center. Share the same data security management extensions and policies with all of GTB’s Data Protection facets.
- Performs data classification automatically based on file content.
- Control sensitive data with customized classification values.
- Send alerts when data is saved or moved in contradiction of policies.
- User-Based / Automatic Classification.
- Classify emails and files.
- Data misclassification
- Index and mine data/data sets.
- Move, Copy, Delete, Redact, or apply Enterprise DRM on sensitive data.
- Generate digital signatures to protect documents when in transit to the Internet or to USB devices and Printers.
- Discovers hidden data and embedded objects.
- Centrally manage data security policies and controls across unstructured, semi-structured, and structured repositories or silos.
- Agent-less and agent options
- Multi-threading technology that can achieve 1 Gigabyte per minute scan speed (with multiple core CPU).
- Integrates with GTB Enterprise DRM for File level access controls.
- Scans images with the ability to redact sensitive data.
- Full indexing system (DocuTieTM) is supplied at no charge for further analysis.
Prevention of Sensitive Data Loss with Intelligent Search & Complete Data Classification
Every organization has sensitive data such as PII, PHI, PCI, GLBA, HIPAA and Intellectual Property such as source code, trade secrets, or strategic business plans. Sensitive data is critical to the brand, public reputation, and maintaining a competitive edge. Today companies must protect such data whether at rest or in motion. Securing the Data during transmission is critical, but the first step is to secure it before it is accessed or moved by unauthorized users. Discovery is the first step in understanding where sensitive resides. Unlike out of data solutions, GTB’s accurate data discovery provides unparalleled, intelligent search for both structured e.g. Personal Identifiable Information (PII) and unstructured e.g. Intellectual Property (IP) data assets. GTB’s data classification is the most complete data classification solution available on the market today
Deciding What Information to Protect
GTB’s Intelligent Data Discovery can be configured to scan multiple complex big data repositories, data centers, cloud storage and data dispersed throughout the organization, identifying data for explicit protection and analysis. Data covered by Government and industry regulations such as PII, PHI, PCI, GLBA, HIPAA, HITECH, FERC/ NERC/ CEII, FERPA, FISMA, ITAR, SOX, GDPR, CCPA, and others, can be accurately identified. Data scanned can be indexed or cataloged for further security mitigation, forensics, and analysis.
Creating Policies for Data Protection
Once you know what information to protect, GTB Data Discovery can automatically protect that information. GTB Data Discovery provides intuitive and unified policy creation, enterprise reporting, and management to gain more control over your information protection strategy for data at rest.
Scanning for Data with Intelligent Search
GTB Data Discovery supports multiple data targets. The system is fully AD Integrated where a local scan may be performed for an entire Domain, Organizational units or specific Hosts. Exchange scans support Mail Groups or specific Mailboxes. SharePoint scans support scanning for multiple stores at the same time. Any Database may be scanned to identify unencrypted data in any table. PST/OST files may be scanned with detailed reporting on violations in any Folder inside. Cloud storage is supported as well with the same feature set.
Data Remediation
Once GTB Data Discovery finds content that violates policies, it may automatically perform remedial action on files:
- Copy to a File-Share
- Move to a File-Share
- Delete the file
- Redact images
- Classify
- Archive
- Enforce access right to the file
- Encrypt
Enforcement actions are optional and may be changed from one scan to another. All events are recorded in the GTB Central Console, an enterprise data protection command center, where workflow/case-management and enterprise reporting are available.
Visibility: Accurately, discover sensitive data; detect and address broken business process, or insider threats including sensitive data breach attempts.
Protection: Automate data protection, breach prevention and incident response both on and off the network; for example, find and quarantine sensitive data within files exposed on user workstations, FileShares and cloud storage.
Notification: Alert and educate users on violations to raise awareness and educate the end user about cybersecurity and corporate policies.
Education: Start target cyber-security training; e.g., identify end-users violating policies and train them.
- Employees and organizations have knowledge and control of the information leaving the organization, where it is being sent, and where it is being preserved.
- Ability to allow user classification to give them influence in how the data they produce is controlled, which increases protection and end-user adoption.
- Control your data across your entire domain in one Central Management Dashboard with Universal policies.
- Many levels of control together with the ability to warn end-users of possible non-compliant – risky activities, protecting from malicious insiders and human error.
- Full data discovery collection detects sensitive data anywhere it is stored, and provides strong classification, watermarking, and other controls.
- Delivers full technical controls on who can copy what data, to what devices, what can be printed, and/or watermarked.
- Integrate with GRC workflows.
- Reduce the risk of fines and non-compliance.
- Protect intellectual property and corporate assets.
- Ensure compliance within industry, regulatory, and corporate policy.
- Ability to enforce boundaries and control what types of sensitive information can flow where.
- Control data flow to third parties and between business units.