Data protection is the bedrock of good cybersecurity posture. But the foundation of data protection is discovery and classification. As the old adage goes: You can’t protect what you can’t see. Only with true visibility comes the knowledge and context required to apply the right type of protection to the right data at the right time. Yet modern, distributed IT environments do not make this an easy task for enterprises.
That’s where AI-powered tooling really comes into its own, supporting continuous data discovery for a streamlined, automated approach designed to minimize business risk and cost.
The challenges of data discovery
Today’s most successful enterprises are those that can extract maximum value from the data they generate on a daily basis. According to McKinsey, companies using data-driven B2B sales-growth engines are able to increase pre-tax earnings by 15-25%, for example. Yet they must also find a way to protect this data from digital thieves and extortionists. Their efforts to do so must start with discovery. Yet the process is complicated by several challenges:
The velocity of business: Data is created on a continuous basis all over the organization. And it is moving and changing all the time, which requires continuous tracking and regular reclassification.
M&A activity: When one company absorbs another, it also takes ownership of a distinct data environment, which may mean disparate data sets and formats. This creates enterprise silos that complicate discovery and classification.
Different data types: Not all data is created equal. Successful governance depends on being able to identify, tag and protect all data, whether it’s structured, semi-structured, or unstructured. But this can be challenging in the case of unstructured data which is captured and recorded informally.
New digital initiatives: No organization stands still. But new digital transformation projects inevitably lead to larger data volumes and potentially more data variety, which can put extra pressure on discovery.
Cloud opacity: Hybrid cloud is increasingly the direction of travel for most organizations. But many tools struggle to gain visibility into cloud environments, which can create dangerous security and compliance gaps.
Enterprise silos: Large organizations may have multiple subsidiaries operating under a single corporate umbrella. Yet they need to ensure data does not move between these silos in order to maintain privacy and compliance. At the same time, consistency of discovery and classification processes is key to ensure a coherent strategy.
Regulations: The regulatory landscape is shifting all the time, creating new requirements for teams to build into their data discovery and classification strategies, as well as potential penalties for non-compliance.
How AI can help
The job of enterprise IT teams is made harder still by legacy tools no longer fit for purpose in dynamic and fluid data environments. Manual and static tooling is a drain on resources, and leads to high operational costs, incomplete inventory and stale data. Static regex & pattern matching can also mean poor accuracy and limited business context – which may create security risk if data is not being classified properly and therefore is not protected in line with risk.
AI-driven data discovery, by contrast, eliminates the security risks stemming from unknown sensitive data and the costs and inaccuracies associated with static, manual processes.
comforte does this through continuous passive network packet capture, enabling customers to identify new and unknown repositories containing sensitive data and gain full visibility into them without the need to deploy agents. Because it’s a continuous process, there are no gaps in insight or protection, and because it’s automated and machine driven, the operating costs are lower. Scans are high accuracy, with low false positives and full context. That means data is accurately classified and can be adequately protected in line with policy.
A case in point
One Fortune 500 property & casualty (P&C) insurance company took advantage of the comforte platform to achieve exactly these gains. It was struggling with high data volumes, unstructured data discovery and enterprise silos. But thanks to comforte’s SecurDPS Discover & Classify it was able to roll out continuous and comprehensive search for unknown sensitive data in non-targeted repositories. This boosted confidence by revealing previously dark data which could subsequently be secured in line with policy.
The comforte offering has become the insurer’s primary discovery and classification solution, integrating with existing governance, risk and compliance (GRC) and data loss prevention (DLP) solutions to optimize these existing investments. Now the organization can better manage security and compliance risk across structured and unstructured data residing anywhere on its corporate networks.