In 2016, we announced Sensitive Data Manager 9.0, our Data Loss Prevention (DLP) solution. In addition to offering the highest accuracy of data discovery and data classification, this release adds powerful, custom data discovery capabilities that reduce the burden on IT Security by allowing organizations to locate their unique sensitive data. Sensitive Data Manager 9.0 increases automation of classification and DLP security controls, reaching deep into cloud environments to further data minimization efforts and manage sensitive data. The addition of user-driven data classification further empowers organizations to take a hybrid approach to integrated DLP management, enabling them to leverage both automated and manual classification.
“Organizations that store sensitive data such as credit card numbers and personal health information are often required by a variety of regulatory compliance mandates such as HIPAA or PCI to take specific steps to protect it. However, existing regulations often don’t address unique, company-specific sensitive data, which is often difficult to both identify and classify, and as a result often falls through the cracks of typically manual processes.” -Garrett Bekker, 451 Sr. Analyst Research
To learn more about Sensitive Data Manager 9.0 from our CEO, Todd Feinman, view the video below.
Examples of Sensitive Data
Customer Information – This type of sensitive personal data includes not only names, but addresses, social security numbers, passport numbers, email addresses, credit card information and often private health information.
Employee data – This is similar to customer information, but it also includes user names and passwords, banking and payroll information.
Trade secrets and intellectual property – information stored in the network or document management systems databases with third parties. Basically, anything that could fall under a non-disclosure agreement.
Industry specific and operational information and inventory – Sensitive information that needs protected regarding customer payment details or health-related data types. Any type of business information or inventory and sales figures.
Ways to protect sensitive data
- Hire the right people that can work together to identify cyber risks and implement data protection.
- Have internal data controls in place and train all employees data safety protocols.
- Make sure that whoever has access to your company sensitive data actually needs that access.
- Have a vendor risk management plan in place. Tier vendors based on what sensitive data they have access to.
- Make sure your vendor contracts are fully protecting your best interest by determining what level of security each vendor needs.