Every organization holds sensitive data – whether it is employee data, customer data, proprietary information, and/or trade secrets. Where that data is held and how it is protected along with who within or outside of your organization can access it are critical measures in determining what level of risk is associated with holding this information. Data and context-aware security policies provide an opportunity for organizations to build a more layered approach to security, prioritizing where efforts (and costs) should be spent, and building multiple lines of defense.
While historical or more traditional security models were focused on perimeter-based security – where security officers focused their efforts on building walls to keep information in and keep adversaries out – that approach in and of itself has become more difficult to maintain in a business landscape with transparent boundaries, which provide invisible walls to keep sensitive data inside the perimeter and intruders out. In order to provide the protection modern businesses require, Compliance Guardian Service Pack (SP) 3 – released this week – extends the platform’s enterprise governance, risk, and compliance management capabilities with the introduction of two new advanced data recognition security features:
- Digital fingerprinting
- Enhanced context based reporting
Digital Fingerprinting
With Compliance Guardian, digital fingerprinting/partial document matching (DF/PDM) checks can be used to detect similarity between files. For example:
- There is a confidential document, and you want to make sure that document and its different versions are not leaked
- Your company has forms that are used to create documents with sensitive data, such as insurance forms
- Documents created from standard forms – for example: patent, tax, or financial documents
- Documents with extensions that have been changed, for example, a “secret.docx” file was renamed to “public.abc”
Compliance Guardian’s advanced DF/PDM capabilities can detect the similarities between the documents, which provides a fast and easy way to holistically compare documents to facilitate data type identification and de-duplication.
Context Based Reporting
Compliance Guardian’s context-aware testing language can identify and report on not only the sensitive content within the data being examined (e.g. credit card numbers, classified information, personally identifiable information), but also the context of that data, including where is it located and who can access it. With this additional level of compliance scanning, information can be accurately pinpointed to determine whether it creates an actionable risk to the business, and if it should be further investigated, remediated, or protected.
Compliance Guardian empowers you to resolve, report, and improve incident tracking and incident management across your organization. The ability not only to conduct a detailed forensic analysis into data privacy, information security, and accessibility issues across your organization, but also to assign and expect accountability for incident resolution, is a key factor in improving compliance. In order to help you monitor and prove your compliance, Compliance Guardian’s trend reports and historical analysis features also allow you to measure and report on your organizations’ compliance improvements over time.
To learn more and request a free demo of Compliance Guardian, please visit our product page today.
