Data Discovery, Audit and Protection

Capabilities:  Data discovery, audit and protection solution includes a risk assessment scorecard, to help enterprises locate sensitive data assets, identify risks associated with current operating practices and develop plans to mitigate those risks. These activities are key to complying with regulations such as the Payment Card Industry (PCI) Data Security Standard and the Gramm-Leach-Bliley Act (GLBA). Most companies have sensitive information scattered across the enterprise. Customer information (credit card numbers, Social Security numbers), employee information (SSNs, addresses, salary and medical information) and operational information (financial data, IP) can reside in databases and file shares unprotected. Regulations such as PCI, GLBA, SOX and the Personal Data Privacy Act of 2007 require companies to protect data determined to be private. However, most companies are unable to address this requirement because they don't have the tools to find and classify private data. This lack of visibility into critical data assets leaves companies exposed to significant risks such as data theft, data breaches and unapproved data access.

Services:   This appliance attaches to a Spann port and  automates the process of:

  • Discovering where data is located and how it is being used. 
  • Data discovery pinpoints the location of data such as credit card and Social Security numbers stored in both production databases and on file shares in spreadsheets and word documents. 
  • Data Activity Monitoring determines the usage patterns and risk profiles for all users and applications that access critical data. 
  • The service includes a risk assessment report with an overall risk rating. This helps enterprises locate sensitive data assets, identify risks associated with current operating practices eCompliantz consultants work closely with client companies to review the findings of the risk assessment and develop remediation plans. 



The Results:  An executive summary and detailed reports covering: 

  • Where PCI, GLBA and other sensitive data is located 
  • Who is accessing critical data assets 
  • What activities privileged users are conducting 
  • Incidents of suspicious user behavior 
  • When failed transactions and other high risk activity is occurring