Data Governance & Compliance

A Solution for Securing Unstructured Data

How do you safeguard sensitive data located in files on your network?

Today’s organizations face expansive requirements for safeguarding sensitive and confidential information. Whether it’s intellectual property, financial information, or PII (Personally Identifiable Information), there are data access risks that, if not addressed properly, can be devastating to an organization.

With the risk of having to pay huge fines for noncompliance, most organizations pay particular attention to privacy regulations such as HIPAA, FERPA, and GDPR by restricting access and certifying that only authorized users can access records containing PII.

 

But these same organizations often don’t apply the same diligence to restricting access to other sensitive and confidential information, such as legal or financial documents, and certifying that only authorized users have it.

A Three-fold Solution

1. Determine Access Permissions

  • Conduct a comprehensive review of NTFS permissions on all “high-value” targets on the network.
  • Determine who can access these locations.
  • Determine all of the network folders a particular user can access.
  • Determine how access is derived.
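
As an added illustration (not part of the original page or of any product it describes), the following PowerShell sketch reports the NTFS access entries on a list of high-value folders and shows whether each entry is explicit or inherited. The folder paths, the output file name, and the list of broad principals are assumptions chosen for the example.

```powershell
# Added example: report who holds NTFS rights on high-value folders and
# whether each entry is set explicitly or inherited from a parent folder.
# The paths below are placeholders (assumptions), not values from the page.
$HighValueFolders = @(
    '\\fileserver\Finance',
    '\\fileserver\Legal'
)

# Broad principals worth flagging during review (English-language names;
# this list is an assumption and should be adjusted per environment).
$BroadPrincipals = @(
    'Everyone',
    'NT AUTHORITY\Authenticated Users',
    'BUILTIN\Users'
)

$report = foreach ($folder in $HighValueFolders) {
    if (-not (Test-Path -LiteralPath $folder -PathType Container)) {
        Write-Warning "Skipping '$folder': not found or not reachable."
        continue
    }
    try {
        $acl = Get-Acl -LiteralPath $folder -ErrorAction Stop
    }
    catch {
        Write-Warning "Cannot read ACL on '$folder': $($_.Exception.Message)"
        continue
    }
    # One output row per access control entry (ACE) on the folder.
    foreach ($ace in $acl.Access) {
        [pscustomobject]@{
            Folder    = $folder
            Owner     = $acl.Owner
            Principal = $ace.IdentityReference.Value
            Type      = $ace.AccessControlType          # Allow or Deny
            Rights    = $ace.FileSystemRights
            Derived   = if ($ace.IsInherited) { 'Inherited' } else { 'Explicit' }
            AppliesTo = "$($ace.InheritanceFlags) / $($ace.PropagationFlags)"
            Broad     = $BroadPrincipals -contains $ace.IdentityReference.Value
        }
    }
}

# Show the result and keep a copy for the data owners to certify.
$report | Sort-Object Folder, Principal | Format-Table -AutoSize
$report | Export-Csv -Path .\ntfs-permission-review.csv -NoTypeInformation
```

Entries that name a group still need their membership expanded to answer which individual users can reach a folder.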

 

2. Rectify Access Permissions

  • Information officer consults with department data owners.
  • Needed access permissions are set or adjusted.
  • Authorized users are provided the access permissions they need.

 

3. Set Up Notifications When Access Permissions Change

  • Active Directory event-based policies monitor changes in access permissions.
  • Individual policies are set for each high-value target.
  • Each policy specifies data owners to be contacted when permissions change.
  • Notifications are sent via email.