Data Discovery, Classification and Remediation
WORLD OF DATA DISCOVERY, CLASSIFICATION AND REMEDIATION
Identifying, Categorising and Classifying assists an organisation in gaining insight into their data landscape, whether it be cloud based, on premise or hybrid. This allows for the identifying of key sensitive and critical data in addition to identifying Redundant, Obsolete and Trivial (ROT) data. Data discovery is a key contributing component in assisting with Data Privacy and Data Security initiatives.
PROTECT STRUCTURED AND UNSTRUCTURED DATA
Automated discovery and classification of the data means improved classification accuracy, less manual work and less human error. A large number of organisations do not have a clear view of the data they have and where it resides, this is very prominent within the unstructured landscape as control over this data is not traditionally structured or controlled. Although gaining insight into data landscape is a primary benefit, additional benefits go far beyond just identifying data that is sensitive. These include understanding over exposed resources, unnecessary access to data or highlighting redundant, trivial and obsolete (ROT) data.
The remediation of such data once discovered is the next step in the process which allows for items such as ROT to be defensibly disposed of according to process and policy, ultimately minimising risk as well as freeing up resources.
FEATURES AND BENEFITS
The below highlights prominent areas we address when implementing technologies for data discovery, this is amongst some of the primary activities embarked on when engaging in various Data Governance and Data Security initiatives and forms the basis of gaining a clear understanding of the data landscape.
Data Discovery, discovery of data across multiple structured and unstructured data sources and various architectures enables an organisation to obtain clear insight into their data and where it resides. These can be cloud based such as OneDrive, on premise such as FileShares or Databases amongst many other data stores that are being used over the organisation. What is clear is that data resides in a multitude of places which brings its own complexity, especially if that data is not easily identifiable or controlled through appropriate securities and policies.
When scanning these data sources we are able to identify sensitive and critical data, although this is key the ability to report on Redundant, Obsolete and Trivial (ROT) data is just as important. Identifying ROT enables an organisation to review what possible data is not required anymore or is not specifically business data.
Classification
The ability to configure a system when identifying sensitive data specific to an organisation needs to be established, this allows for alignment with legislative drivers and data sets being identified. Some examples of these are POPI data and PCI data. This promotes proper classification, labelling and tagging of relevant data sets assisting further in remediation and reporting.
Metadata
When scanning additional items can be invoked such as using the scan data as Metadata enabling for future retrieval or enrichment in initiatives such as Records Management.
Permissions
In addition identifying owners of files when remediating can be process intensive if not done through a system, as most data sits with business the system must enable data custodians to interact with business on identifying owners of data sets. This assists with the correct allocation of permissions to appropriate users and minimises over exposed resources.
Remediation
As these exercises require various roles to contribute the ability to provide data custodians a view of results for specific business units can be done. This assists in easier remediation of data identified through policy enforcement.