Data Risk Assessment

To make matters worse, sensitive data quickly assumes a life of its own. It may be stored incorrectly, accessed by unauthorized people, or leaked—intentionally or unintentionally—through public file shares, email or other means.

If you can’t pinpoint your sensitive data, understand how it’s used across the organization, and then define and apply appropriate policies to it, your company may be exposed to significant business, legal, regulatory and reputational risks.

To reduce your data-related risks, you must be able to answer a variety of critical questions, including:

• Where is my company’s sensitive business data actually located?
• Can I identify and effectively manage all copies and versions of sensitive business documents?
• Are all my sensitive business documents appropriately protected?
• Who is actually accessing sensitive business data? And who has access rights on this data?
• To whom is sensitive business information being sent?
• Are the correct security and retention policies being applied to sensitive information?
• Can I prove this to an outside auditor?

Key benefits of the NogaLogic Data Risk Assessment include:

• An effective, quick and cost-efficient way to identify and assess your organization’s sensitive information risks
• Get granular insight into your current information risk levels and their root causes
• Get detailed recommendations on how to optimize data security policies and reduce your company’s exposure to security risks
• No need for time-consuming, unreliable manual risk assessments

1. Discover Your Risk

Nogacom consultants utilize the NogaLogic solution to automatically discover all unstructured data across all targeted repositories, including all copies and versions of documents. Through this process, NogaLogic will:

• Identify sensitive documents —including all copies and versions—based on their business context
• Gather information about those documents related to risk exposure—including content changes, author, age, access and permissions rights, and other attributes
• Track the sharing/distribution of files containing sensitive data to identify any possible leaks via email or other means
• Map all unstructured data to its storage infrastructure location to identify inappropriate or inefficient storage

2. Analyze Your Risk

Nogacom consultants will then analyze and identify critical risk areas within your data:

• Data storage and ownership issues
• Improper copying and re-versioning of sensitive data
• Active and inactive permissions for access to files and mailboxes containing sensitive data
• Email distribution of sensitive data in the body of emails and as file attachments
• Potential threats to availability of sensitive data
• Content retention issues

3. Mitigate Your Risk

Nogacom consultants provide detailed reports that outline the root causes of your data risk, and deliver recommendations on how to mitigate this risk and comply with internal governance requirements and external regulations, including:

• Changes and updates to information security policies
• Changes or updates to access permissions
• Data migration needed to ensure its protection
• Changes or updates to existing business practices
• Implementation of security and access controls

To quickly and cost-effectively gain a true picture of your organization’s information risk exposure, contact Data Classification today.