Data discovery does not have to be just about security.

Worth reading

Tom Olzak on Security

Sitting back, looking at his security controls matrix, George felt comfortable with the trustworthiness of systems on which he expects sensitive information to reside.  His database servers are located on segments locked down and monitored by unified threat management (UTM) devices.  The NAS where he expects unstructured data (e.g., Word and Excel files) is encrypted.  Data in motion is also protected, with nothing leaving the boundaries of his network in clear text.  But he has a nagging feeling deep in his gut telling him something is missing.  Then it hits him.  What if users don’t put data where he expects?  Does he already have PII or ePHI stored in risky storage? The worst of it, George realizes, is that he has no tools to help him answer these questions.

George’s situation isn’t unique.  Across the globe security managers working for medium and large organizations are asking themselves these same questions. …

View original post 661 more words


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s