Simplify your security stack Integrated Solutions
Spirion provides the single source of truth of sensitive data required to generate improved ROI from DLP, CASB, and NGFW tools. Our mission to protect sensitive data works in tandem with tools that have unique ways of keeping data out of the hands of malicious actors. See how Spirion’s discovery and classification capabilities provide the data identity necessary for Information Rights Management (IRM) efforts, the intelligence required by Security Information and Event Management (SIEM) tools, and the precision leveraged by modern de-identification technologies.
Information/Data Rights Management (IRM/DRM)
An increasingly common way to protect sensitive data is to restrict access to only the specific individuals that require it. Rights Management solutions can define groups based on their department, role, security clearance, geography, or any combination of these parameters and more.
To do this, rights management solutions encrypt the selected files and limits the set of users that are permitted to decrypt these files. Rights management can also limit user rights to read-only, or limit actions such as printing, copying text, or sharing. These solutions excel at keeping prying eyes away from unauthorized data but can sometimes require assistance in understanding which data requires which level of protection.
An ongoing challenge in data security is managing the rights of who gets access to which data. Determining who can access data, when they can access it, and from where can be complicated. Spirion simplifies rights management by working with leading providers to automatically enable the appropriate level of encryption based on the sensitivity of the data. Organizations can gain the maximum functionality from their Rights Management and Encryption applications by leveraging the unparalleled accuracy of Spirion discovery and identification. This fortifies your organization’s data security and compliance posture by ensuring your protection policies are optimized for the sensitivity of the data.
Questions to ask
- Are you currently using full-disk or whole-database encryption?
Why we ask: The benefits of full-disk encryption are simplicity of deployment and less disruption to daily workflows. However, this ease-of-use can open organizations up to insider threats while promoting a false sense of security. Simply painting all data with the same brush is not a recipe for security. Spirion file-level identification can hep facilitate a safer, more granular, encryption strategy.
- What types of data you are encrypting and why?
Why we ask: In our experience, many organizations lack a clear idea of the data types they are encrypting or to whom the rights to access said data belong to. Spirion makes encryption efforts work as intended by allowing the right level of encryption to be applied based on data sensitivity and configuring rights based on immediate need.
Microsoft + Spirion
Azure Information Protection (AIP), a cloud-based solution, enables organizations to classify and protect documents and emails by applying labels. It supports both manual and automatically labeling to help you both classify and (optionally) protect your documents. When integrated with Spirion, users can take advantage of both AIP’s labeling methodology and the more customizable Spirion persistent data classification methodology to invoke AIP Rights Management.
Seclore + Spirion
Seclore Rights Management, the only entirely browser-based security solution, ensures sensitive information, digital assets, and documents can be protected and tracked wherever they travel and are stored with granular, persistent usage data security controls. When integrated with Spirion, Seclore can invoke specific protections based on Spirion classification tags
Security Information and Event Management (SIEM)
Security Information and Event Management (SIEM) solutions are essential to organizations for managing workflow, delivering real-time analysis of security alerts, and supporting against attacks. SIEM technologies collect security log events from various hosts within an enterprise and centrally store the relevant data. By bringing this log data together, SIEM products enable centralized analysis and reporting and help organizations decrease the impact of advanced cyber attacks by proactively monitoring the network for irregular activity in real-time.
A SIEM tool provides reporting about security incidents as well as real-time alerts based on analytics to an organization’s incident response team. SIEM tools aggregate data from across a networked environment, and makes that data useable. With the data categorized by a SIEM, users can research data security breaches with as much detail as necessary or even stop potential breaches in their tracks with real-time detection of anomalous behaviour.
SIEM technologies deliver many advantages, but lack a level of context awareness that would allow organizations to understand how events are related to the data impacted during security incidents. For example, a user accessing a folder or a server might not seem like a risk, but if the user is from R&D and is accessing and distributing customer data, it could represent malicious activity. Accurate identification of data sensitivity should be integrated into the SIEM to prevent this.
Organizations can gain the maximum efficacy from their SIEM solutions by integrating with Spirion. Once sensitive information is discovered by Spirion, persistent machine-readable metadata is applied to the data identifying it with its sensitivity level, which is then tracked by the activity logs collected by the SIEM product of choice. By providing the data context awareness required to ensure optimal data analysis and reporting, your organization’s data security and compliance is fortified.
Questions to ask
- What is the end goal of your SIEM deployment?
Why we ask: It’s important to set proper expectations do gain maximum value from your SIEM deployment. Understand what kinds of events and threats you wish to detect. Is your organization primarily concerned with protecting intellectual property, financial information, or customer data? How will your SIEM deployment detect the unauthorized movement of each of these unique data types? Accurate data identification from Spirion can help optimize your chosen SIEM solution to detect various anomalous behaviors.
Splunk + Spirion
Splunk makes machine data accessible across an organization by identifying data patterns, providing metrics, diagnosing problems and providing intelligence for business operations. Spirion creates persistent, machine-readable metadata that this product can track in its activity logs, providing context awareness and improving your analysis and reporting capabilities.
Alien Vault + Spirion
AT&T Cybersecurity provides you with a feature-rich open source SIEM complete with event collection, normalization and correlation. Spirion creates persistent, machine-readable metadata that this product can track in its activity logs, providing context awareness and improving your analysis and reporting capabilities.
Whether by way of good data governance strategies, or compliance pressures brought on by privacy regulations such as GDPR & CCPA. Organizations are required to delete user data from their systems more frequently and at greater volumes than ever before. Often, this data has genuine business utility that is lost when the personal data is stripped from the systems.
De-identification is a process for removing personally identifiable information (PII) from a data set. De-identification protects the privacy of individuals since once de-identified, a data set is considered to no longer contain personal information. If a data set does not contain personal information, the privacy protection provisions of the Freedom of Information and Protection of Privacy Act (FIPPA) and the Municipal Freedom of Information and Protection of Privacy Act (MFIPPA) no longer apply. This reduces the risk of non-compliance.
Much of this data is used for analytics or demographic purposes, but more commonly, these datasets are used to test mission-critical software systems before deploying code into production. Systems such as healthcare administration, e-commerce, and supply chain logistics rely on accurate, real-world data to for testing, so production environments don’t encounter disastrous bugs. Organizations across multiple industries need a way to achieve compliance standards while maintaining the integrity of the original data and format.
Commercial tools exist that provide cloned data that looks, acts, and feels just like your production data to safely share it across teams, businesses, and international borders without violating privacy. Where simple obfuscation or redaction simply removes the offending data from the database, these tools replace it with synthetic versions that retain their utility while removing its connection to any individual. The results are indistinguishable from “real” data and cannot be reverse engineered.
With Spirion’s AnyFind® active scanning technology, companies can be confident by identifying database locations where sensitive data exists. Spirion performs fast and accurate searches of structured data in locations where many other solutions cannot. By identifying the sensitive data exposure, organizations can more accurately focus their de-identification efforts and protect sensitive data more effectively. Together, the joint solution provides a mathematically provable guarantee of privacy protection against a range of privacy attacks.
Questions to ask
- Do you need de-identification or anonymization?
Why we ask: When a data set is anonymized, which is common practice in medical research, all Personally Identifiable Information is from the data set before use or distribution to protect the privacy of any individuals. While this is a useful step towards protecting privacy, the anonymized data can still carry certain privacy risks; such as the ability for the data to be cross-referenced with other data sets to identify the underlying data subjects. True de-identification can obfuscate not only the PII involved, but also any cross-referenceable data to reduce the possibility of any re-identification.
Tonic + Spirion
With Privacy regulations like GDPR & CCPA, companies need the ability to remove individual data from their systems without losing the business, scientific, analytic, or demographic value that data provides. Tonic uses Database Anonymization, Database Subsetting, and Data Synthesis to replace data/text within structured data repositories to anonymize it while still maintaining value. Spirion’s unparalleled sensitive data identification can determine what data need to be deleted and where it lives, streamlining Tonic’s data de-identification efforts.