SecureState's Data Discovery process determines the threat, affected resources, and impact of a potential data leak, interception, or theft. An effective assessment depends on a properly scoped engagement that identifies data and process classifications, escalation procedures, resources, risk, impact, and prioritization.
During Data Discovery, SecureState will identify the types of data (data classification), location of data, and impact the data has to the organization. To accurately measure this key information set, SecureState will interview data-owners and IT staff for data controls, data types, and access to data. SecureState will work with the client to improve the ability of staff to prevent, detect, and respond to future threats while helping define the scope and control points needed for future assessments or certifications for HIPAA, ISO 27001/2, and PCI. We will comprehensively scan for sensitive and regulatory data on file systems, commercial and open source databases, documents, shares and container files, such as email storage and compressed archives, while also assisting the company in controlling the storage, access, and transmission of sensitive data, and implement the tools to properly control and encrypt the data. SecureState will help support the company’s ability to fine tune its data retention, data access, and disposal policies. Finally, we will develop a Project and Implementation Plan custom to the environment and data classification.
The Data Discovery methodology includes host-based agents deployed and installed on MS Windows-Based systems. Agents efficiently distribute search processing across a network of computers to exponentially reduce search times and network traffic. Unix/Linux-Type systems are mapped to internal storage devices that can install and run host-based agents. SecureState will identify, process, and audit data of any type on disk or network share in raw formats.
Once data and associated systems and devices have been identified, SecureState documents applicable controls related to it. This assessment leads to remediating and implementing additional safeguards; removing data sources; and protecting data, databases, applications, and file shares.