Contact us

Data discovery

The first step to effective information security and risk management.

Data Discovery helps businesses understand:

  • What data they have
  • Where the data is stored
  • What access and protection levels are needed

Data Discovery benefits

Data Discovery is also the first step on a journey towards compliance and with so many regulations and standards to comply with, this is now more important than ever.

Discovery can be a manual or automated process. The manual method involves interviewing a broad range of staff in all business areas. You can alternatively require employees to complete questionnaires. Given an adequate amount of time and resources, this can be quite accurate as it is these people who are accessing and processing the data on a daily basis. However, it will not deliver a granular understanding or inventory of all the data assets that you own/control.

Larger enterprises are more likely to use an eDiscovery tool. Such solutions will scan your entire environment, on-premises or in the cloud, to find all your data. This data will then be collated into an index where various functions can be performed. This is clearly a much quicker method but can be costly. However, such tools do bring added longer-term benefits such as:

  • Efficiency when complying with data subjects’ rights, such as those mandated in The EU GDPR (right of access, right to be forgotten etc).
  • Complying with legal eDiscovery requirements are simplified

No matter the method adopted for discovery, it is important to include third-party applications in scope. These are often overlooked as the data is not stored within the organisation’s network. However, the data controlled by the organisation should always be included no matter where it resides.

It should not be forgotten that there may be data that has leaked from the organisation’s network to open or even closed sources on the internet. This data, if deemed sensitive, can pose a significant risk to the business. As such, efforts should be made to locate this data and if at all possible, bring it back under the control of the organisation.

When the data has been discovered it should be collated into an asset inventory with data owners identified. This is an essential part of any security strategy. It allows organisations to categorise information assets and then move toward identifying sensitive data.

Connect with us

Get in touch with our security experts

Our team is available for a quick call or video meeting. Let's connect and discuss your security challenges, dive into vendor comparison reports, or talk about your upcoming IT-projects. We are here to help.

Placeholder for Portrait of engineer beard wearing poloPortrait of engineer beard wearing polo
Updates

Latest news and blog posts

Placeholder for Adobe Stock 369977292Adobe Stock 369977292
Juniper Networks

Network security

Juniper's Four-Time Leadership in Gartner Magic Quadrant

Juniper Networks' repeated leadership in Gartner's Magic Quadrant highlights its innovative edge and excellence in wired, wireless, and indoor location technologies.

3 min. read
Placeholder for Industrial company NIS2Industrial company NIS2

NIS2

NIS2 requires industrial companies to make major efforts to secure their OT environments: Where to start?

Thousands of industrial companies will be affected by the implementation of NIS2, with issues varying widely from one entity to another. We present you 12 steps to achieve compliance.

Arnaud Masson
Placeholder for ARMARM

Arnaud Masson

4 min. read
Placeholder for Two men looking at a laptopTwo men looking at a laptop

Cloud security Endpoint security

The importance of Secure Web Gateway (SWG)

This article introduces Secure Web Gateways (SWG), covering key features, deployment options, scalability, organizational benefits, and integration.

2 min. read
See all updates