We are pleased to have a guest writer for this month's edition of Security Notes. Written by George Schaefer, CoFounder of NexGenData, this edition of Security Notes will focus on data mining, data loss-prevention strategy, and the potential areas of concern within your organization. Some of you may already know, but we will soon be officially announcing our newly formed partnership with NexGenData. Through this alliance, we believe we can address a potentially significant security issue that we continually experience on the street. As always, please feel free to reach out if we can be of assistance in any way.
Jeff Harris
organizations are protecting the perimeter of their network using firewalls and anti-virus protection. This is often combined with vulnerability scanning and penetration testing to further harden network defenses. However, even the most secure defenses can be breached. And unfortunately, no organization is safe from the threat of sensitive or confidential information being accidentally or maliciously leaked. This means that it is increasingly important to insure that sensitive data is located and secured. Otherwise, the organization is exposed to theft or unauthorized access to/use of this data, which could result in costly efforts to remediate or control the damage, a loss of reputation and customers, and potential fines and litigation.
The first step in securing sensitive information is to understand where it's located. You can be sure that sensitive data is lurking, unsecured, in spreadsheets and databases and in users' files and e-mails. It is this need to locate and secure organizational information that caused my company, NexGenData, to partner with True Digital Security. Although our team at NexGenData has been creating enterprise-class software products for many years, we were not experts in systems and data security. We knew that most organizations had trouble finding and using the vast amounts of data in files, databases and application data stores. True Digital Security understood the security risk this presented and realized that the typical, manual approaches to finding sensitive data are simply not up to the task in today's complex environments.
NexGenData creates tools and technologies for enterprise search, data classification and enterprise data mashups. Our goal is to allow organizations to find, use, and integrate their information, no matter where it is located. Enterprise search is the foundation for our products and technologies, but what exactly is meant by enterprise search? We mean the application of Internet search approaches behind the firewall. Enterprise search engines crawl and index an organization's files and directories the way Internet search engines crawl and index the World Wide Web. This process supports keyword searches of an organization's files, just like Internet Search engines support keyword-based Internet search. You can see that a solution for scanning an organization's systems and storage and identifying and classifying sensitive data would share capabilities with enterprise search: both would crawl or scan an organization's files and both would search the content using specific criteria.
Still, enterprise search doesn't solve the problem of locating and securing sensitive data for a number of important reasons. First, keyword searches can't find social security numbers, bank and credit card numbers, patient identifiers, and other sensitive identifiers unless you know the numbers in advance. Instead, you need a system that searches for patterns. For example, you can find social security numbers by searching for data comprised of three digits followed by a dash, two digits, another dash, then four digits ("NNN-NN-NNNN"). Patterns alone aren't enough, though?there will be too many "false positive" matches when it comes to locating identifiers like account numbers. Second, the system must be able to access databases and application-specific data stores in addition to standard PDF and text files and regular Office documents and e-mails. Enterprise search engines are usually limited in their ability to access databases and application-specific data. Finally, enterprise search doesn't offer data classification and reporting.
NexGenData's solution extends enterprise search to better expose and access hard-to-find corporate information, and to navigate across systems and files following natural relationships inherent in the underlying data. Our advanced search, tagging, classification, and data clustering features make this possible. True Digital Security recognized that these capabilities could also finally solve the problem of identifying and classifying sensitive organizational data as part of an Information Security strategy. Our enterprise search engine provides the ability to search these data sources using complex patterns and expressions, and supports the post-processing of all matching results using formulas and algorithms to eliminate "false positives." It crawls databases of all kinds, files of all kinds, and, if necessary, can be quickly extended to search application-specific data. NexGenData's products feature the automated tagging and classification of data that has been crawled and indexed and meets organization- and data-specific rules. These features allow enterprise search to play an important role in organizations' data security needs.
Once located and classified, it is necessary to understand who uses the data and how it is being used. Armed with this information, organizations can implement appropriate controls, policies, and procedures to protect themselves and secure their critical information. If you're not taking these steps, you're almost certainly failing to meet industry standards and government rules and regulations. As always, make sure that your approach incorporates the expertise of proven security professionals and uses the right tools for the job. If you have questions or need recommendations in securing your confidential data, please contact our partners at True Digital Security.
George Schaefer
Co-Founder
NexGenData, LLC