Data breaches are occurring more frequently and companies are searching for a way to help prevent the breach by understanding their data and organizational data flows. One company has turned to eDiscovery software for that function.
Data inventory / Data mapping
The Memorial Sloan-Kettering Cancer Center data breach called attention to the fact that you can’t protect data from a breach if you don’t know what data your organization possesses. This may sound simple, but many organizations do not have a good grasp on what data exists in their organization and whether that data should be protected against disclosure. This makes it difficult to detect a breach and thus, breached data persists in the wild much longer than it could if organizations had a better understanding of the data they manage.
Alternate use of eDiscovery tools
An interesting solution, documented in Data Breach Today, is being used by Franciscan Health System (FHS) in Washington State. FHS has started using an eDiscovery tool, typically used to gather, filter, prepare and evaluate data use in litigation, to gain a big picture on the data they have on their systems. eDiscovery tools allow users to search across a large amount of data to find data of a specific type. In litigation, lawyers ask, “What data is relevant to my case?” and in information security and privacy, the question is, “what sensitive data exists in my company?” FCS and others have found another use for eDiscovery tools in the information security field. These tools are much further along in the maturity cycle than some recently developed tools. Some eDiscovery tools allow for data visualization such as the Attenex document mapper from FTI that shows a picture of the data in the system by using a series of circles of varying sizes connected. The circles and connections picture the classifications and relationships between data.
There may be many in an organization that are creating content, and some sensitive information may accidentally or intentionally be included in a document. eDiscovery software evaluates the content of files to help identify the data that may be hiding within a document, and it can be used for cyber security in addition to litigation.
Other data mapping tools
I do want to point out that there are a variety of other data mapping tools that organizations can use to get a handle on the data they have but if you are using an eDiscovery tool with such capabilities already, try leveraging it for security as well.
In the case above, Memorial Sloan-Kettering Cancer Center had unencrypted patient information in a set of Microsoft PowerPoint slides that were available online. What’s worse is that the information was available for six years before it was found. An eDiscovery system could have alerted them to this data breach much sooner.