Data Discovery and Classification
Uncovering your critical data is best done with an automated, reliable and consistent search and classification tool.
Teams of humans are expensive and are not effective at classifying large volumes of documents. These large repositories built up over many years need a fast, automated tool. Getvisibility Focus is completely automated and designed to scan and classify multiple millions of documents that may have not been accessed in years.
Rich, consistent tag sets that map to your existing internal confidentiality levels are useful as you can immediately understand the sensitivity of the document and apply the correct procedures. Or customise the tags, map them to your new Data Loss Prevention (DLP) platform and get your documents automatically imported.
This is a valuable step towards implementing automation for data protection as well as Focus integrates to DLP platforms such as Microsoft Azure Information Protection.
During the discovery and classification we collect useful data about files and emails.
This allows acting on ROT (redundant, obsolete and trivial data). Also, classifications of email to the same tag taxonomy and confidentiality levels allows a unified approach to data protection and we seamlessly classify emails, attachments and standalone files the same way.
Mapping to Data Loss Prevention (DLP) tags that can be applied during the scan allows large repositories to come under the control of the DLP. A powerful feature!
Compliance to EU GDPR
The data protection law has been significantly changed since 2017, with the General Data Protection Regulation in Europe, and new data protection laws from various countries like California Consumer Privacy Act (CCPA for short), Brazilian Data Protection Law (LGPD) and many others.
These new regulations are about protecting Personal Identifiable Information (PII). It is a challenge by itself to identify PII, as it covers any information that can describe a person. In GDPR, there are also at least 3 types of PII data: Personal, Sensitive Personal, and Special Category.
In Getvisibility we understand this problem, and use Machine Learning, Natural Language Processing and Named Entity Recognition to identify PII with a high degree of confidence, and also answer the most important GDPR questions - where is the PII data, who has access to this data, and who is using it on a daily basis?
Understanding where your most sensitive data resides is key to your security. Employees may store data on their local devices, upload it to shadow IT, email data out of the organisation and other unsafe activities. Getvisibility discovers and catalogues your data under your company's taxonomy, and shows the data location.
As the data grows daily, it is hard to keep up to date with your data governance posture. While Getvisibility classifies your data based on its content, we also reads the file metadata. With our single pane of glass, you can see data duplicates, data with no business value, and old data.
Getvisibility provides the information you need to archive, migrate or delete such data.
Monitoring Data Access
Real-time reaction to new data being created, existing data being modified, and irregular activity relating to sensitive documents requires an extension to simple scanning and slow classification.
We have extended the Focus platform to respond to new data or modified data events from sources such as file servers and CloudTrail that allow classification of new data in significantly less than 1 second (dependent on the file size). This allows new and recently modified data to fall under the protection of your DLP systems (if present) immediately.
By monitoring such event activity across multiple streams and sources, and crucially, knowing which files contain sensitive data, we have also expanded our system to perform Complex Event Processing (CEP) and User Behaviour Analytics (UBA) with machine learning models to detect anomalous behaviour with low false positive rates.
This gives you confidence that the reported incidents are real and remediation can be performed.
We can push alerts to external platforms such as Security Incident Event Management (SIEM) systems such as IBM QRadar or Exabeam, push alerts to syslog, send emails, or execute external scripts. Handling data access as it happens closes the loop for the Focus platform that is the perfect solution for your unstructured data protection needs.