Case Study

Implementing a data protection strategy for an Australian retailer

 

SECMON1 is a Spirion partner with over 20 years of experience helping customers in the cybersecurity space, working with small and large organizations on a range of issues, including data breaches,compliance strategy, risk mitigation, intellectual property theft, and fraud. Managing Partner, Nicholas Gontsharow and the SECMON1team have been a Spirion Platinum partner for years and have successfully implemented Spirion’s technology at numerous large clients in Australia. Last year they identified a large retail client with over 100 locations throughout Australia and New Zealand who was looking for a way to manage their sensitive data.

The retailer had been working closely with SECMON1 on improving their cybersecurity posture for a couple years when they decided it was time to tackle 20 years of data that had accumulated at their corporate office. The client had attempted in the past to accurately identify their sensitive data but furloughed the project as the technologies they used had high false positives, leaving them with little confidence to achieve acceptable results. Through Nicholas’ direction, his team was able to outline how they could help in addressing their data concerns and suggested using Spirion’s technology to add insight into what data they had, where it was located and how it was being used.

 

Case Study

SECMON1 spent time interviewing the CISO, the information security team and key stakeholders to determine where they should prioritize their efforts given the sheer amount of data related to employees, customers and their IP. Through their efforts they were able to pinpoint where to begin and found key areas in the business that likely had the most sensitive data to discover, classify and remediate. In their first pass, SECMON1 and their customer began by looking at 18 Terabytes of unstructured data in SharePoint, OneDrive and on 1,000+ desktops.

Also identified were a few Network Attached Storage (NAS) file shares that had significant amounts of consumer records.

Immediately upon deploying Spirion, telling results emerged and surprised everyone. Clear text passwords were found throughout SharePoint and customer PII that was thought to be deleted long ago were found in open file shares and was still accessible. To begin, the findings were validated on small datasets, followed by a larger deployment on larger datasets. This resulted in providing confidence to the client that the results were accurate for appropriate remediation to be deployed.

The retailer was very pleased with the end results and pointed to several things that won them over. First, was Spirion’s ability to accurately discover data across vast sets of disparate data on the cloud, on-premise, and hybrid solutions. The sheer amount of unstructured data that the retailer collected over 20+ years was an ongoing headache that they finally found a solution for. Once the data was found, Spirion’s classification assigned values to the data which enabled them to make the best decisions within the context of their business. Through using SDM, the retail client deployed a data shredding strategy to delete cache files that had accumulated, freeing-up significant storage. Data that was over 90 days old, and rarely used became quarantined. And lastly, the classification tagging used in combination with their Data Loss Prevention (DLP) system and Microsoft applications set a course for the future for better decisions regarding data sent externally.

Summary

The client recognized they needed to manage their data before they had a breach and desired address compliance laws. Further, the client learned through a proof of concept how much data was in fact at risk and were presented with a remediation strategy by the team at SECMON1. An unintended outcome of their data security project was
savings on storage and the ability to see what data was being used, thereby adding value to the company’s sales strategy. The client found that they could set up workflows and policies to address data at is origination, making an effective solution that had positive impact on their workforce productivity.

Questions about an opportunity, or want to understand more about your margin?

Contact your channel sales manager directly, or by emailing: channelsales@spirion.com

Related Resources

resource
Dark Data Best Practice Guide
resource
Future-proofing sensitive data privacy and compliance
resource
Data Classification Security Use Case
resource
Sensitive Data Platform Scan Coverage
resource
Unify Data Security, Privacy, and Governance with Contextual Data Classification
resource
Education Guide to Sensitive Data Breaches