The Best Tool for Managing Sensitive Content

Do you have tools in place to protect sensitive personal information?

The new European Union General Data Protection Regulation (GDPR) law was created to hold companies in Europe accountable for failing to protect private personal information such as social security numbers, employee personal data and other private personal data. Similar laws are being created in the United States and other countries. These new laws will require companies to know what sensitive data they have stored in their Content Servers and will also require that the data is protected against unauthorized access.

At the request of several of our customers in Europe who now face large fines for failing to protect their sensitive data, Syntergy has developed a new security product called Content Sentry. This module enables organizations to monitor, protect and report on sensitive data located in Content Server.

Detecting strange and unusual activity in Content Server is one of the biggest concerns for administrators. With the Edward Snowden case in the forefront of anomalous activity stories, Admins must take every precaution to make sure that valuable company secrets are kept secure and away from competitors and those looking to profit from the distribution of valuable information.

Here is a look at what Content Sentry can do to protect your sensitive data:

  1. Allow you to implement a Data Loss Prevention strategy for Content Server
  2. Detect anomalous activity in Content Server
  3. Automatically take action upon detection of suspicious activity
  4. Enforce corporate compliance lifecycle on sensitive content
  5. Identify sensitive content prior to migrating networked file shares to Content Server
  6. Identify which libraries contain sensitive content
  7. Implement a real-time content shield to instantaneously detect sensitive content when adding new content to Content Server
  8. Automatically take action upon detection of sensitive information
  9. Respond to audit requests quickly regarding who accessed sensitive content
  10. Safeguard Personal Identifiable Information (PII)
  11. Safeguard Protected Health Information (PHI)
  12. Safeguard Payment Card Industry (PCI) data

There are three important areas to monitor in Content Server to help uncover potential breaches of data. The first area to monitor is login activity. You need to be able to detect if a user account has been compromised. This is detected by identifying users accessing Content Server from unusual areas like a US based employee logging in with an overseas IP address. Another thing to look for are users logging in at unusual times of the day like 4:00 AM.

The next area to monitor is work habits. You need to be able to detect when people are accessing Content Server outside their normal work hours or if they have unusual work patterns. For example, is someone in finance continually accessing software development files or is a programmer consistently looking at financial data.

The final area to monitor is Content Server activity. For example, are you seeing large amounts of data downloaded at off hours? Are there an unusual amount of LiveReports being run? Which employees are accessing areas of Content Server that contain sensitive PII information such a social security numbers, birth dates, employee addresses, etc.

Some example of Use Cases where your organization should implement Content Sentry are:

  1. Monitor Content Server for anomalous activity
  2. Identify and secure sensitive content in libraries
  3. Prevent data breaches to avoid negative impact on the corporate brand and lawsuits
  4. Ensure your customer's data is securely being handled inside your organization
  5. Bulk scan content prior to migrating to Content Server or OpenText Cloud
  6. Perform ad-hoc scans to detect sensitive content during E-Discovery or Audit

More and more organizations are being forced to comply with new regulations designed to protect personal sensitive data. These regulations requires that organizations protect personal information and follow strict rules when storing personal information of employees. Violations of the European GDPR regulation could result in fines of up to EUR 20,000,000 or 4% of the company's worldwide revenue. This means organizations must be aware of which documents within Content Server contain personal, sensitive information and protect it accordingly. The only way to do that effectively is to scan the content using software designed to detect and report specific sensitive information. Being able to differentiate between a social security number and the number of a manufacturing part is a difficult but necessary feature of this type of software.

Syntergy is addressing these types of security issues with a powerful new add on module for Content Server called Content Sentry. We have recently seen quite a large increase in interest in our data security products due to these new offerings and the increased regulations around sensitive data. To learn more and determine if it these products are a good fit for your organization we encourage you to contact Syntergy at (858) 779-9642, email us at info@syntergy.com or visit the Content Sentry page at www.syntergy.com.