Data Discovery to Rescue Historical Data from Compliance Violations
Blog Article Published: 07/01/2020
By Ishani Sircar, Product Marketing Manager at CipherCloud
As technology evolved and the world migrated to the cloud, the amount of data in the cloud increased at a rapid pace and most organizations in trying to keep pace overlooked security best practices. Organizations are sitting on tons of historical data in the cloud, with outdated security settings or policies. Negligence can lead to data leaks, compliance issues.
What’s historical data? The records that have been residing in the cloud for the past few years unprotected and unnoticed. In the growing cloud-mobile environment the stored sensitive data begins piling up, and without proper visibility, enterprises run the risk of compliance failure, security vulnerabilities, and data breaches. The longer a company leverages a SaaS the more data tends to accumulate in it.
Cloud Data Discovery (CDD) enables enterprises to perform historical scanning of all existing data within a cloud application to ensure compliance readiness. Through an API integration, CDD scans the content, collaboration and links across popular SaaS clouds. With CDD, users can perform a thorough audit of the data resident in the cloud to identify confidential and sensitive information related to PII, PHI, PCI, HIPAA and many more, and enforce remediations to preserve data integrity and compliance.
With an increasing focus on data privacy and implementation of laws such as the CCPA, GDPR organizations are struggling to comply with a broader definition of consumers’ Personally Identifiable Information (PII). Compliance requires knowing what kinds of sensitive data exist, and where they exist, in your sanctioned clouds. Failing to do so, can be a showstopper for most businesses.
SaaS apps are used by most organizations for daily operations. Seeing new threat vectors in the cloud-mobile environment, organizations adopt a data protection solution to encrypt current and future data on cloud. In this case, the historical data is never investigated. A quick scan of that historical data can reveal multiple vulnerability points and a lack of compliance with the latest data privacy laws. Furthermore, a blanket data encryption solution doesn’t account for classification of sensitive and non-sensitive data. Not all data hosted across clouds is equally sensitive. Such a solution will not give the visibility that is required to identify confidential and sensitive information related to PII, PHI, PCI, HIPAA. That is why Cloud Data Discovery provides extensive filtering capabilities to target scans to specific folders or objects of high importance.
A very common problem in the cloud-mobile work environment is inadvertent public data shares. Almost daily there is a new report on an organization that has lost control of their data through innocuous means such as public sharing. Cloud Data Discovery can discover these open shares and immediately take action to remove them or limit data exposure with restricted sharing policies.
With terabytes of information created on SaaS clouds, organizations need to eliminate silos and have visibility into the entire journey of sensitive data moving across devices, users, and clouds. Lack of visibility can build attack surfaces and pose a huge security threat if ignored. Cloud Data Discovery provides a single pane in glass view of the security and compliance snapshot of the cloud. Scans can be scheduled or manual. While a scan is running, CASB+ administrators can track the progress of the scan as well as pause the scan should the need arise. Each scan produces a detailed report that helps the organization understand the data that is stored in the cloud. These reports also include information about the data violations as well as the remediation action that was performed.