Are You Ready for GDPR?

General Data Protection Regulation Ushers in New Era in Data Protection

With new laws such as the European Union General Data Protection Regulation (GDPR), valuable information now includes private personal information such as social security numbers, employee personal data and other private personal data. Detecting strange and unusual activity in Content Server is one of the biggest concerns for Administrators and Content Owners. Content Server admins must take every precaution to make sure that valuable company secrets are kept secure and away from competitors and those looking to profit from the distribution of valuable information.

Fines up to four percent of annual revenue for a data breach! You need to rethink your privacy, security and data governance strategy now! The European Union General Data Protection Regulation (GDPR) law was created to hold companies in Europe accountable for failing to protect private personal information such as social security numbers, employee personal data and other private personal data. Similar laws are being created in the United States and other countries. These new laws will require companies to know what sensitive data they have stored in their Content Servers and will also require that the data is protected against unauthorized access.

Syntergy has developed a new security product called Content Sentry. This module enables organizations to monitor, protect and report on sensitive data located in Content Server. Here is a look at what Content Sentry can do to protect your sensitive data:

  1. Allow you to implement a Data Loss Prevention strategy for Content Server
  2. Be in compliance with the European Union General Data Protection Regulations
  3. Detect anomalous activity in Content Server
  4. Automatically take action upon detection of suspicious activity
  5. Enforce corporate compliance lifecycle on sensitive content
  6. Identify sensitive content prior to migrating networked file shares to Content Server
  7. Identify which libraries contain sensitive content
  8. Implement a real-time content shield to instantaneously detect sensitive content when adding new content to Content Server
  9. Automatically take action upon detection of sensitive information
  10. Respond to audit requests quickly regarding who accessed sensitive content
  11. Safeguard Personal Identifiable Information (PII)
  12. Safeguard Protected Health Information (PHI)
  13. Safeguard Payment Card Industry (PCI) data

Most organizations rely on user adoption and execution of rules designed to safeguard data in Content Server. Tools such as permission models, folder hierarchy, group definitions and auditing can go a long way to help implement a security policy. Solutions for securing content are only as good those who use them—and many choose not to. Content Sentry addresses these issues by searching out and finding sensitive data, enhancing audit reporting and taking automatic action upon detection of suspicious activity.

There are several important areas of Content Server that Content Sentry helps an organization monitor to avoid breaches of data. The first area to monitor is user access activity. Content Sentry can help you detect if a user account has been compromised. This is detected by identifying users accessing Content Server from unusual areas like a US based employee logging in with an overseas IP address. Another thing to look for are users logging in at unusual times of the day like 4:00 AM. Still another is a user accessing data outside their normal work hours or accessing data outside their normal data areas. For example, is someone in finance continually accessing software development files or is a programmer consistently looking at financial data. Content Server activity is another area that falls under this category. Are users downloading large amounts of data or accessing areas that contain sensitive PII information such as social security numbers, birth dates, employee addresses, etc.

Another important area of Content Server that Content Sentry helps organizations avoid data breaches is by locating sensitive information through deep scanning of new and existing content. With hundreds and even thousands of users adding data to Content Server organizations need a tool that can locate sensitive PII information that is not in the proper location. Content Sentry uses state of the art scanning technology that allows it to differentiate between a social security number and an identification number for a ship.

Some example of Use Cases where your organization should implement Content Sentry are:

  1. Monitor Content Server for anomalous activity
  2. Identify and secure sensitive content in libraries
  3. Prevent data breaches to avoid negative impact on the corporate brand and lawsuits
  4. Ensure your customer's data is securely being handled inside your organization
  5. Bulk scan content prior to migrating to Content Server or OpenText Cloud
  6. Perform ad-hoc scans to detect sensitive content during E-Discovery or Audit

More and more organizations are being forced to comply with new regulations designed to protect personal sensitive data. These regulations requires that organizations protect personal information and follow strict rules when storing personal information of employees. Violations of the European GDPR regulation could result in fines of up to EUR 20,000,000 or 4% of the company's worldwide revenue. This means organizations must be aware of which documents within Content Server contain personal, sensitive information and protect it accordingly. The only way to do that effectively is to scan the content using software designed to detect and report specific sensitive information. Being able to differentiate between a social security number and the number of a manufacturing part is a difficult but necessary feature of this type of software.

Syntergy is addressing these types of security issues with a powerful new add on module for Content Server called Content Sentry. We have recently seen quite a large increase in interest in our data security products due to these new offerings and the increased regulations around sensitive data. To learn more and determine if it these products are a good fit for your organization we encourage you to contact Syntergy at (858) 779-9642, email us at info@syntergy.com or visit the Content Sentry page at www.syntergy.com.