July 19, 2016 by

The Great Data Hunt

By Yoran Sirkis, CEO of Covertix

Quick. Just in your head – try to count all the places your corporate data may reside – network, cloud, corporate and private mobile devices, laptops, NAS, SAN, flash storage, USB drives, your employees’ home computers. Oh, and let’s not forget that your suppliers, lawyers, consultants, and clients all have multiple networks, too (plus their lawyers, consultants – it goes on and on).

Simply based on your data volume and its potential location (and don’t forget that you’ve got multiple versions out there), you really need to get a handle on finding it. If you don’t know where it is, you cannot protect it.

Most forensics tools include a document discovery feature, which will help you find your digital assets. Business is fluid, and the information that’s in the network today may be on the cloud tomorrow, or shared with third-parties for insurance processing, bill printing, or legal review.

Not only do you need to identify your files, but you also need to analyze the information according to context and location. Your protection needs to follow the data wherever it goes.
Tracking your data can also give you a better handle on what your spending to keep where. While the prices of flash storage have plummeted significantly, it is still a more expensive option. What if last year’s designs are still in the flash system, and this year’s designs are being stored within the traditional NAS infrastructure. Not only doesn’t this make sense on a time to access level, reducing productivity, but last year’s files don’t need the same level of protection that the new designs require.

Of course, being able to find your data gives you the ability to protect it when it goes AWOL. Healthcare organizations, government agencies, financial institutions, and most major organizations are attacked at least a few thousand times a day, if not per hour.

If your data is suddenly on an unknown network, accessed at the wrong hour, and/or opened by an unauthorized person, it needs to have full protection in place, ensuring that the data encryption prevents access to “real” information.

Your system should work the same way with authorized people. You are supposed to only be able to access personnel information from the network between 8 a.m. – 8 p.m. You didn’t finish what you needed to do, though, and sent the file home – you’re an authorized person but you sent the data somewhere it shouldn’t be and tried to open it during non-designated hours. If your data protection system is up to snuff, you won’t be able to open that file.
Don’t confuse data security with network security. Mobile devices, firewalls, and applications all do need significant protection. But if you aren’t protecting your data, too, when something fails, all can truly be lost.


Yoran Sirkis is CEO of Covertix. Covertix offers SmartCipher, which lets you find, know, classify and protect sensitive information as it travels, fortifying information access control in real time with complete confidence. www.covertix.com

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Andrew Lee on Internet of Things and cybersecurity

As CEO for ESET North America, Andrew Lee brings the role a unique blend of corporate and security...

Read more arrow_forward

Multiple Consumer Linksys Router Models are Vulnerable to Attacks

Two security researchers have discovered two dozen Linksys router models that contain at least 10...

Read more arrow_forward

Data Breach Hits over 1,000 Intercontinental Hotels

The Intercontinental Hotel Group, the operator of hotel chains like the Holiday Inn and the...

Read more arrow_forward

If you have any further questions, please don't hesitate to contact us.