With data protection regulations making their way onto every country’s legislative agenda, from the European Union and the US to the Middle East and Latin America, companies are now faced with the considerable task of complying with them. One of the key elements of any good data protection strategy is transparency: it’s important that organizations clearly understand what kind of data they collect from their customers, where it goes, and who has access to it. After all, how can a company protect its sensitive data if it doesn’t know where it is?
Most data protection regulations clearly limit access to sensitive data and the length of time it can be retained. They, in fact, allow data to be used only for the purpose for which it was collected and for the length of time needed to serve that original purpose. Therefore, companies that don’t even know where their data is, run a high risk of noncompliance.
Employees carelessly storing sensitive information locally on their hard drives or sending it to colleagues to resolve an issue are both very common occurrences in the workplace. However, under the new data protection regulations, such careless acts can make companies liable to steep fines.
Data discovery tools were developed to protect against the risks of such stray data. By scanning entire company networks, they can locate forgotten data and take steps to remove or encrypt it. Endpoint Protector’s eDiscovery DLP module is just such a tool but comes with an array of additional features that make it a truly outstanding solution. Let’s see what these are.
1. Cross-platform Scanning
In today’s increasingly digital world, office environments running on a single OS are becoming a rarity. macOS has taken its place as the darling of designers and CEOs and Linux’s steadfast following among developers has grown to include other technical professions. The result is often a logistical nightmare when it comes to data scanning, many data discovery tools focusing on a single OS, leading to higher overall costs and headaches for network administrators.
From the very beginning, Endpoint Protector was developed as a cross-platform solution. All of its modules, including eDiscovery, can be used on not only Windows, but also macOS and Linux. Scans can be performed on entire networks, regardless of which operating system endpoints are running on, all from a single dashboard.
Learn more about Linux DLP and macOS DLP.
2. Easy to Define Policies
eDiscovery makes it incredibly easy for administrators to refine their searches for sensitive data. Along with a set of predefined policies, they have the option of creating their own custom policies in a few quick steps.
They can use policy blacklists to define the content they want to detect and policy whitelists for content that can be ignored during scans. They can then choose how many violations are acceptable and which OS and entities, whether departments, groups or computers, it will apply to.
3. Policy Blacklists
eDiscovery’s blacklists offer extensive options for sensitive data scanning: everything from categories of personal information covered by data protection regulations such as HIPAA and GDPR to file types, source code and regular expressions. Custom content can also be added to serve the specific needs of each company and how they define sensitive information within the context of their business.
A unique feature of eDiscovery’s blacklists is the possibility to also define the location that will be inspected. Whether an entire network, a single computer, a USB storage device or an external drive connected to an endpoint, eDiscovery allows admins to refine searches for better results and overall efficiency.
4. Scheduled Scans
eDiscovery scans can be performed manually at any time, but can also be scheduled to start automatically. In this way, admins can choose the time and date when a future scan will take place or set up a weekly or monthly scan to ensure a continued inspection of sensitive data.
5. Remediation Actions
Once an eDiscovery scan is completed, admins can view and manage the results from the Endpoint Protector dashboard. They can then take remediation actions to secure sensitive data found in unauthorized or vulnerable locations. Files can be either deleted or encrypted.
The deletion option is particularly useful for companies that need to comply with data protection regulations like the GDPR or the CCPA, both of which grant data subjects the right to be forgotten. Organizations falling under their incidence are obligated to remove a user’s data from their systems upon request. eDiscovery, with its complex blacklists and refined data scans, is an ideal tool to support businesses with this particular legislative demand, allowing admins to ensure that an individual’s information is completely removed from a company’s network.
Download our free ebook on
Data Loss Prevention Best Practices
Helping IT Managers, IT Administrators and data security staff understand the concept and purpose of DLP and how to easily implement it.