Sensitive unstructured data doesn’t care where it lives, and neither do the hackers or insider threats that are trying to find and use it. When it comes to securing data, organizations tend to focus on the big, network-attached devices, filer servers or document management systems such as SharePoint. In the process, they tend to ignore desktops, laptops, print servers, or even critical Windows application servers. Oftentimes, your most sensitive, critical data can live in all those devices. You can be assured that the people attempting to steal this sensitive data are not ignoring these devices and neither should you. At SPHERE, we take a “scan every hard drive” approach. That means regardless of location, device type or size, it should be scanned, analyzed and, if required, remediated. You simply don’t have the luxury of assuming a specific device will not have data that could pose a threat if it were stolen or exposed.
We typically hear “My application servers are locked down and have very little storage.” A single Excel file or PDF with thousands of your customer’s social security numbers can sit in a file that’s only a few kilobytes in size. Application servers having little storage does not count as security. I’ve personally seen developers find all sorts of creative ways to make Security teams lose sleep at night. Things like open shares on Windows servers with customer statements including names, address, account numbers and balances. Should there be a breach, your customers will not be happy with the explanation that you didn’t protect their PII because it wasn’t stored on a NetApp.
But what about desktops and laptops? If you take the total disk space of all your desktops combined, it could account for 10 times the amount of total storage you have in your data centers. This is especially true for larger organizations with a widely dispersed workforce. These devices are ripe opportunities for unsecured sensitive data. Despite the seemingly aggressive move to cloud, users still store files locally for convenience, never mind the local caches you typically have with network or cloud storage. So desktops should be scanned, analyzed and controlled just like everything else.
In the current ever-evolving, complex landscape, where your users can interact with some unstructured data stored locally on their laptop, SharePoint, cloud or network attached storage all in the same day, it’s become increasingly important to ensure that all of these end points are protected. You must scan every hard drive, every system. Because if you’re not finding this data in your environment and protecting it, you can be pretty sure the bad guys will find it and exploit it.
Director of ProductRosario is Director of Product at SPHERE Technology Solutions. As an experienced technology executive with over 20 years of experience, Mastrogiacomo is responsible for the strategy of SPHERE’s suite of solutions including SPHEREboard. Prior to joining SPHERE, Mastrogiacomo held high-level positions at multiple Financial Services organizations; managing technology groups charged with core infrastructure, and end-user products.Check out some of Rosario’s latest thoughts on Privacy in 2023.