New data protection regulations require organizations a much stricter focus on data security and make data inventory a critical component for ensuring compliance.
The amount of digital data continues to grow exponentially, and together with this, the variety of locations where companies can store data as well as the number of people accessing and storing files is also increasing. Regulations such as the General Data Protection Regulation (GDPR) or the California Consumer Protection Act (CCPA) are the driving factors for businesses taking a much closer look at their data. Organizations need to understand not only how and where data is being used and transmitted but also where it is stored.
The importance of data inventory
Data inventory provides detailed information about a company’s data assets, including the type of data they collect, where it is located, and with whom it is being shared. Being an important part of data protection, the process of data inventory includes both data discovery and data classification, helping businesses to understand, remediate, and manage privacy risks.
Data Loss Prevention (DLP) solutions, such as Endpoint Protector, are commonly used to understand and provide data visibility, thus helping to create a data inventory. Such solutions are just as valuable to protect data at rest as they are to protect data in motion. By scanning and monitoring data at rest through their content discovery features, DLP tools can significantly reduce potential security risks and ensure that stored data stays compliant.
How eDiscovery helps with your data inventory?
The eDiscovery module of Endpoint Protector can discover and identify regulated data stored on endpoints, providing data visibility and securing organizations’ most valuable data. After identifying sensitive data such as Personally Identifiable Information (PII), administrators can take remediation actions, including deleting or encrypting files found on unauthorized users’ computers. Content discovery is essential, as otherwise, companies might be unaware of what sensitive data their employees store on their devices. What’s more, they wouldn’t be able to fulfill the right to erasure either, which is a requirement for both GDPR and CCPA.
Our enterprise-grade content discovery tool offers the possibility to search over a hundred file types for known PII, such as credit card numbers, social security numbers, passport and national ID numbers, and more. It comes with predefined search parameters that include the most commonly protected PII, and companies can also create custom policies to search for particular data, as in the case of data deletion requests.
With customizable policies, organizations can define and finetune the details of the data they need to protect. Our content scanner can also pick up metadata consisting of the tags added by data classification solutions such as Boldon James. Currently, our solution can extract classification metadata from over fifty file types, and we add new ones in each release. By performing regular PII scans, companies can determine where PII is being stored and identify patterns in how data is being used and saved by employees.
eDiscovery can scan and identify personal information on all the endpoints and ensure that data at rest is compliant with the requirements of the GDPR or CCPA. It can also protect cardholder data and credit card information, helping to comply with the Payment Card Industry Data Security Standard (PCI DSS). Regulated data can be easily found by simply selecting from predefined data protection policies. Besides PII, our content discovery tool can also protect intellectual property such as patents and source code.
As a multi-OS solution, eDiscovery can perform cross-platform scanning on Windows, macOS, and Linux computers, thus ensuring endpoint compliance, all from a single dashboard. A unique feature that our solution offers is the possibility to define the location that will be inspected, whether an entire network, a computer, or a USB device.
Content discovery is paramount in creating a data inventory and providing adequate protection or secure removal for data at rest. It also enables companies to protect their reputation and avoid potential penalties for non-compliance. Tools such as eDiscovery diminish enterprise security risks more efficiently than using network monitoring alone, this being an important reason why organizations should consider full DLP suites over single-channel products.
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.