Alternative security uses for eDiscovery software

A recent breach at the Memorial Sloan-Kettering Cancer Center called attention to the fact that you can’t protect data from a breach if you don’t know what data your organization possesses. This may sound simple, but many organizations do not have a good grasp of what data exists in their organization and whether that data should be protected against disclosure. This makes it difficult to detect a breach, and thus breached data persists in the wild much longer than it would if organizations had a better understanding of the data they manage.

An interesting solution, documented in Data Breach Today, is being used by Franciscan Health System (FHS) in Washington State. FHS has started using an eDiscovery tool, typically used to gather, filter, prepare and evaluate data for use in litigation, to get a big-picture view of the data they have on their systems. eDiscovery tools allow users to search across a large amount of data to find data of a specific type. In litigation, lawyers ask, “What data is relevant to my case?” In information security and privacy, the question is, “What sensitive data exists in my company?” FHS and others have found another use for eDiscovery tools in the information security field. These tools are much further along in the maturity cycle than some recently developed tools. Some eDiscovery tools allow for data visualization, such as the Attenex document mapper from FTI, which shows a picture of the data in the system as a series of circles of varying sizes connected together. The circles and connections depict the classifications of, and relationships between, data.

Many people in an organization may be creating content, and sensitive information may accidentally or intentionally be included in a document. eDiscovery software evaluates the content of files to help identify the data that may be hiding within a document, and it can be used for cyber security in addition to litigation. In the case above, Memorial Sloan-Kettering Cancer Center had unencrypted patient information in a set of Microsoft PowerPoint slides that were available online. What’s worse is that the information was available for six years before it was found. An eDiscovery system could have alerted them to this data breach much sooner.
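The kind of content inspection described above can be illustrated with a small scanner for PowerPoint files. This is an added example, not part of the original post and not how any particular eDiscovery product works; the patterns, function names and sample deck are assumptions constructed for illustration.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET

A_NS = "{http://schemas.openxmlformats.org/drawingml/2006/main}"
# Assumed patterns for illustration; a real deployment tunes these to its data.
PATTERNS = {
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "dob": re.compile(r"\b(?:DOB|date of birth)\b[:\s]*\d{1,2}/\d{1,2}/\d{4}", re.I),
}

def scan_pptx(data: bytes):
    """Return sorted (part, kind, redacted_match) hits found in .pptx bytes."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            # Slides and speaker notes both carry text that gets published.
            if not re.match(r"ppt/(slides|notesSlides)/[^/]+\.xml$", name):
                continue
            root = ET.fromstring(zf.read(name))
            # PowerPoint often splits one value across several <a:t> runs,
            # so join the runs of each paragraph before matching.
            for para in root.iter(A_NS + "p"):
                text = "".join(t.text or "" for t in para.iter(A_NS + "t"))
                for kind, rx in PATTERNS.items():
                    for m in rx.finditer(text):
                        hits.append((name, kind, redact(m.group())))
    return sorted(hits)

def redact(value: str) -> str:
    """Keep only the last four characters so the report is not itself a leak."""
    return "*" * (len(value) - 4) + value[-4:]

def build_sample() -> bytes:
    """Constructed sample deck (fake values) with an SSN split across two runs."""
    ns = 'xmlns:a="http://schemas.openxmlformats.org/drawingml/2006/main"'
    slide = (f'<sld {ns}><a:p><a:r><a:t>Patient 078-05-</a:t></a:r>'
             f'<a:r><a:t>1120</a:t></a:r></a:p></sld>')
    notes = f'<notes {ns}><a:p><a:r><a:t>DOB: 01/02/1960</a:t></a:r></a:p></notes>'
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("ppt/slides/slide1.xml", slide)
        zf.writestr("ppt/notesSlides/notesSlide1.xml", notes)
    return buf.getvalue()

if __name__ == "__main__":
    for hit in scan_pptx(build_sample()):
        print(hit)
```

Joining the text runs per paragraph matters here: a plain string search over the raw slide XML would miss the constructed identifier because it is split across two runs.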

3 thoughts on “Alternative security uses for eDiscovery software”

  1. Yet – We refuse to go to a Franciscan facility or medical professional as they are still using social security numbers for patient ID. Also interesting that their shred bins all have keys in the locks – in case they need to retrieve something, and while sitting in a surgery prep area, one can hear private details of other patients when being interviewed by health care professional (“and you are . . .” “your date of birth is . . .” “your address is . . .” etc.).

    • Amy,

      Thanks for sharing. Those are some excellent examples of the types of things that cause breaches and you are smart to avoid places that do not protect your information. I was donating blood once and I saw they were using an insecure wireless access point to connect to the Internet. Everyone’s personal information was processed on a few laptops that were accessible by anyone with a wireless card. I left that blood drive and went to another and I wrote them to tell them that they needed to change their procedure before I would come back.

      Many colleges used to use social security numbers as student IDs, and a few still do, but they have largely made a change to an identifier unique to the institution.
