Your sensitive data could be hidden in places that will surprise you.

 

Keeping sensitive data safe from vulnerabilities in today’s digital world is not as easy as keeping it under lock and key. Data security has taken center stage in recent times, driven by advances in regulation and by growing public awareness of data rights.

Unfortunately, privacy and security are not primary considerations in how applications are built. Going by the column names in a database, you would think that you know where your sensitive data is, right? But did you know that more than 70% of your sensitive data lies in undocumented and hard-to-find locations such as complex columns, free text fields, and temporary tables, to name a few?

How does it get there? There are developers who take shortcuts, creating temporary locations where sensitive data could be stored, and end users who may enter sensitive data where they are not supposed to. Let’s take a real-life example of a financial application. It held bank account details for employees in order to send expense report checks. The description field, which gets printed on the check memo, contained Social Security numbers. And this was not a rare occurrence: SSNs of 60,000 employees were found by MENTIS’ robust discovery, which uses patterns with validation functions.

The latest Verizon Data Breach Stats state that 63% of organizations that suffered a data breach did not know where their sensitive data was. This demonstrates that the first step of a robust security strategy is an equally robust discovery, which tells you exactly where your sensitive data is. The consequences of an incomplete discovery for downstream protection are even more catastrophic. Your security strategy remains incomplete, and any downstream data masking based on this incomplete information will lead to inconsistent data and partial monitoring of sensitive data access.

In the real world, you not only need to know where your sensitive data is, but also need to find it with minimal false positives. That is why rudimentary dictionary matching and regex matching do not make the cut: they produce too many false positives.
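To make the difference concrete, here is an added example (not MENTIS’ code or product logic) that scans a free-text memo column for SSNs, first with a regex alone and then with a validation function applied to each match. The rows, the column name `memo`, and the function names are constructed for illustration; the validation uses the Social Security Administration's published structural rules.

```python
import re

# Nine digits, optional '-' or ' ' separator (the same one in both positions),
# not embedded in a longer run of digits or dashes.
SSN_CANDIDATE = re.compile(r"(?<![\d-])(\d{3})([- ]?)(\d{2})\2(\d{4})(?![\d-])")

def is_plausible_ssn(area: str, group: str, serial: str) -> bool:
    """SSA structural rules: area 000, 666 and 900-999, group 00 and
    serial 0000 are never issued."""
    if area in ("000", "666") or area >= "900":
        return False
    return group != "00" and serial != "0000"

def scan_rows(rows, column, validate=True):
    """Return (row_id, masked_value) for each SSN candidate in a free-text column.
    Only the last four digits are reported, so the findings list does not
    become another copy of the sensitive data."""
    findings = []
    for row in rows:
        for m in SSN_CANDIDATE.finditer(row[column] or ""):
            area, _, group, serial = m.groups()
            if validate and not is_plausible_ssn(area, group, serial):
                continue  # matches the pattern but can never be an issued SSN
            findings.append((row["id"], "***-**-" + serial))
    return findings

# Constructed sample rows standing in for a check-memo description column.
ROWS = [
    {"id": 1, "memo": "Expense reimb. SSN 123-45-6789"},
    {"id": 2, "memo": "Travel claim ref 987654321"},
    {"id": 3, "memo": "PO 666-10-2020 office chairs"},
    {"id": 4, "memo": "Ticket 000-12-3456 mileage Q3"},
    {"id": 5, "memo": "Reimb emp 234 56 7890 per HR"},
    {"id": 6, "memo": "Conference fee, no ID given"},
]

if __name__ == "__main__":
    print("regex only:        ", scan_rows(ROWS, "memo", validate=False))
    print("regex + validation:", scan_rows(ROWS, "memo"))
```

A nine-digit order number with an issuable area still passes these checks, so structural validation reduces false positives rather than eliminating them.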

What you need is an effective and efficient discovery solution that goes beyond the rudimentary to include sophisticated methods in pattern matching, master data matching, and code scanning to see who has access to the data and who is modifying it.

Every day that your sensitive data lies in hard-to-find locations unknown to you is another day you risk a breach, control failure, and regulatory non-compliance.

Fortunately, there is a solution that solves this challenge. To know more, download MENTIS’ data sheet for sensitive data discovery here.