To clarify some of the widely used phrases in the cybersecurity sector, we have launched our ‘debunking cybersecurity jargon’ series of blog posts. We have already covered Adaptive Redaction and the Deep Content Inspection Engine and now turn our attention to Information Governance Servers.
With information and data viewed as among the most valuable commodities in many enterprises, keeping them secure is a priority. An Information Governance Server (IGS) is a highly effective way of doing this. In this blog post, we explain what an information governance server is and how it protects critical information.
Preventing Data Breaches
Data Loss Prevention (DLP) is a key requirement for business integrity and data security. As well as the loss of critical information, data breaches cause major corporate embarrassment and incur high remediation charges and heavy fines from regulatory bodies. The Clearswift Information Governance Server is a DLP-centric solution working in the background to minimize the risk of outbound data loss, whether accidental or otherwise.
While no one would doubt the sheer volume of information generated and managed in modern business, not all of it is equally important to keep secure. In any organization there is information that is especially important, whether because it falls under regulation such as GDPR, contains vital and proprietary IP, or is classified.
The IGS enables organizations to identify, manage and protect critical unstructured data as it is circulated within and outside the organization. Users register documents containing sensitive information and assign the appropriate classification level and context. For example, for Employee Confidential information, the classification is “Confidential”, and “Employee” is the context.
Upon registering the document, the IGS takes a full file hash, as well as a sequence of hashes across the file. Thanks to Optical Character Recognition (OCR) scanning, this even includes the textual content found in images, so passport numbers on scanned images, for example, can be identified. This process is known as full or partial fingerprinting, and it allows the IGS to trace segments of information even if they have been cut and pasted into new documents, or if files are renamed or converted from one format to another (e.g. docs to PDF).
The original file is not stored on the IGS; the server simply performs the searches and applies the appropriate security policy. The hashes, their associated classification levels and other metadata are stored in a separate database so that searches can be performed at great speed.
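The registration and lookup flow from the two paragraphs above, as an added illustration that is not Clearswift's code or algorithm. It assumes fingerprints are SHA-256 hashes over the normalised full text plus overlapping 8-word windows; the class, function names and sample texts are hypothetical, and OCR and file-format conversion are left out.

```python
import hashlib
import re

WINDOW = 8  # words per partial-fingerprint window (assumed value)

def digest(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def words(text):
    # Normalise case, punctuation and whitespace so reformatting does not change hashes
    return re.findall(r"[a-z0-9]+", text.lower())

def partial_hashes(text, window=WINDOW):
    w = words(text)
    return {digest(" ".join(w[i:i + window])) for i in range(max(len(w) - window + 1, 1))}

class FingerprintStore:
    """Holds hashes and labels only; the registered text itself is never kept."""
    def __init__(self):
        self.full = {}     # full-text hash -> (classification, context)
        self.partial = {}  # window hash    -> (classification, context)

    def register(self, text, classification, context):
        label = (classification, context)
        self.full[digest(" ".join(words(text)))] = label
        for p in partial_hashes(text):
            self.partial[p] = label

    def inspect(self, text, min_hits=1):
        """Return (match_type, label) for text seen at an egress point."""
        full = self.full.get(digest(" ".join(words(text))))
        if full is not None:
            return ("full", full)
        hits = [self.partial[p] for p in partial_hashes(text) if p in self.partial]
        if len(hits) >= min_hits:
            return ("partial", hits[0])
        return ("none", None)

# Constructed sample data, not taken from any real document
REGISTERED = ("Salary review 2024: Jane Example moves to grade 7 with a base of "
              "82,000 and a retention bonus payable in March, subject to board approval.")
PASTED = ("Hi Tom, FYI from HR: jane example moves to Grade 7 with a base of 82,000 "
          "and a retention bonus payable in march. Keep it quiet.")
UNRELATED = "The quarterly canteen menu is attached; please send feedback by Friday afternoon."

store = FingerprintStore()
store.register(REGISTERED, "Confidential", "Employee")
```

Raising `min_hits` trades sensitivity for fewer false positives on common boilerplate phrases that happen to fill a whole window.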
Multiple Egress Points
Although email remains the primary method of sharing business information, there is the additional risk of files being shared on the Web or sent via FTP. This makes the monitoring of all egress points essential. As the central repository of information, the Information Governance Server works alongside email, web, and secure file transfer products to track documents and monitor communication flows to ensure that the data being transferred is permitted by policy.
Supporting Regulatory Compliance
If data breaches do occur, the track and trace capability of the IGS allows Compliance Managers or Data Protection Officers to see who sent or received the information in question, when and how. An audit and reporting system within the IGS enables information provenance reports to be created. Compliance Managers or Data Protection Officers can also be given access to oversee what is being registered and by whom, and to monitor in real time for data leaks and compliance violations.
Tracking may reveal potential collusion between employees, but it may also identify a lack of understanding among employees regarding data storage and data sharing, and highlight a need for additional training.