How to Enhance the Security of Office 365
A security survey report published in late 2018 from Cybersecurity Insiders stated that 91% of IT executives are concerned about cloud security, with over 60% of all respondents choosing Very Concerned. The customers we talk to on a weekly basis echo that nervousness, especially when it comes to securing unstructured data, such as documents and scanned images. Those content items are extremely difficult to monitor for sensitive, confidential information. But there are new solutions out there to help organizations.
CoreView’s recent acquisition of TermSet (announced in January) includes a product that provides an automated, intelligent method to scan and identify sensitive data in documents stored in disparate repositories, including file shares, DropBox, and SharePoint. Any documents that include personally identifiable information (PII), credit card numbers, and other kinds of sensitive data, are flagged and categorized. The early adopters of this solution are leveraging it for GDPR compliance, a security standard that was launched in May 2018.
Since over 80% of information stored by organizations consists of unstructured content, you can understand why this type of data poses such a huge security compliance risk as a complete unknown. Here’s a little bit about how TermSet works to help organizations find documents that contain sensitive information so they can be reclassified and managed appropriately.
Scanning for Sensitive Data
Using a set of well-defined processing steps and wizard-based menus, any organization can perform the automated discovery and security analysis of their unstructured content items. Whether the documents are stored in file shares, DropBox, or already imported to SharePoint, the TermSet product can access them and perform the forensic analysis of the information and identify sensitive data. Depending on the type of company confidential, or sensitive information found during the scanning process, the documents receive a score rating of relevance for security concerns. The higher the score, the more urgent the compliance remediation. With that detailed information available, the business experts within the organization can work with the IT team to choose how to classify the documents and possibly include them in a life-cycle management regimen that will ensure their security long-term.
Example: TermSet Repository Configuration for Content Scanning
Configurable Rules Based Search Configurations
TermSet allows complete configuration for the type of sensitive information, and associated mapping/scoring rules, that should be included during the document scanning process. The product includes over 100 rules out of the box, but additional ones can be created and applied as needed. Once the document scanning is completed, the content is scored and catalogued in a separate, actionable report.
Example: Assigning Rules to Scanning Parameters
The rules editor enables complete control over the data patterns to be evaluated during the scanning process. An example of the Rule for credit card numbers is included in the screenshot below.
Example: Rules Based Search Configurations
As you can see from the features described in the sections above, the TermSet scanning solution can help any organization improve their security compliance by identifying sensitive information stored in unstructured content (documents, scanned images, etc.). The solution also enables organizations to perform GDPR compliance steps as requested by customers or individuals. The TermSet product has built-in capabilities to generate a report for Subject Access Requests, and process Right to be Forgotten content removal requests.
If you are interested in finding out more about our CoreView solution and see how TermSet can help enhance security for unstructured content stored in Office 365, please join us on our upcoming webinar scheduled for February 7th at 1:00 PM (EST) and at 13:00 UK GMT.