Sensitive files are not just those files containing personal identifiable information (PII), they’re also the files that contain sales forecasts, financial numbers, and other strategic content to provide a competitive advantage for the organization. This information is frequently stored in spreadsheets, presentation files, and word processing files that are collectively known as unstructured data. They reside in high-value targets on the network that need to be protected from unauthorized access.
Sensitive unstructured data such as sales forecasts, HR information, and legal documents need to be protected from unauthorized access. These files must first be identified and if needed, moved to a new folder. These folders or “high-value targets” then need to be secured with the correct access permissions given only to authorized personnel. User access and permissions then need to be strictly enforced.
Effectively identifying sensitive data, changing access permissions, and securing high-value targets from unauthorized access requires the cooperative efforts of the departments who are familiar with the data and its sensitivity, and the IT department tasked with managing it. In fact, a data owner from each department should be not only consulted about data disposition and access permissions but notified when any access permissions are changed or attempted.
Locating sensitive documents, moving them to secure locations, remediating access permissions including changing group memberships, and being notified of changes or attempted changes in permissions requires the integration of an enterprise level reporting product coupled with action engines that take corrective action, monitors high-value targets, and notifies you of potential security problems.