Today almost all company-relevant processes are controlled via several business applications that process, collect and store large amounts of data. Further, data analytics and large data storage pools like Big Data spread the data across the organization.
The cloud-based components for storing and processing data have increased the risks among sensitive data at a high level. Companies have to take actions and measures to initiate data protection from unwanted disclosure, damage, or loss even though in cloud servers.
We offer various options to support you in choosing the right measures for mitigating these risks. We are specialized in INTERNAL THREAT SCENARIOS and can cover different solutions.
“Our Solution Components are PROPORTIONATE, EFFECTIVE and SIMPLE”.
Schedule A DemoTo prioritize the next steps on your side, follow the relevant questions.
Workshops for the identification and grouping of data with special protection needs as part of the Inventory & Classification discipline.
Workshop for the identification of possible threat scenarios & risks as part of the Risk & Governance discipline.
Carrying out a proof-of-concept of one or more solution modules with "non-productive" customer systems.
This possibility is given with a time-limited pilot integration on "productive" customer systems.
Data identification and classification is about grouping and structuring highly sensitive business data such as construction plans, recipes, price plans, sales and commission plans, and much more, that is relevant for all measures.
We create a grid with special data protection requirements, classify the data in terms of governance risks, and group the data to control all technical measures on the main groups.
Have you already defined various threat scenarios? Or would you like to define scenarios for internal threats? We work out the relevant threats and create a risk map to implement technical measures.
We plan and conduct workshops to develop the basics for technical measures. Our workshops usually last 2 to 3 days on-site at the customer and include the following structure:
Send us your request and we will be happy to contact you for further information.
While operating and navigating through the business applications, we access an enormous amount of data. These data are stored, restricted, or open to sharing depending on the nature of the data. If the content is sensitive, it requires special data protection security.
Knowing what data is located where and who is responsible for the data collection is the key for digitalized businesses. Due to the nature of how organizations are generating the business, a huge number of data is collected and processed either as structured data in applications with central data sources like a database or unstructured like in Microsoft Office documents, PDF, and many more.
During the daily usage of business applications and data processing, organizations produce an enormous amount of data. The data is stored on restricted or open share depending on the nature of the data, whether the content is sensitive and the data collected and processes require special protection.
Sensitive Data is produced along with all other data in a day-to-day operations scenario. Therefore the organization needs to understand what data is generated along the full data object life cycle. Cloud-based services enable organizations to use IT infrastructures and processes, the data is also widely distributed.
Therefore we need to search our data and identify the data sets that are either legally protected, regulated by an industry regulator, or need higher protection as company secrets. This “research” of sensitive data requires technical instruments to ensure the best coverage of the inventory.
During the inventory, process-specific criteria are applied to identify the sensitive data from various sources such as databases, Sharepoint, Filesharers. The information from this inventory provides an accurate analysis of the amount of the sensitive data, its data source, creator, and its purpose of usage.
How to apply different risk factors to the sensitive data within the organization? The best way is to logically group data sets with similar risks. All technical measures can be applied to the specific group with different actions against internal threats.
The classification criteria, usually provided through corporate governance, builds the fundamentals to perform risk assessments such as personal identity information, financial data, marketing data, etc.
Classification labels are applied by instruments that support the user while creating the data and suggesting the corresponding items. With these labels, security protection instruments can monitor the data flows and act accordingly.
Additionally, the organization can decide to apply data protection measures like automated file encryption if the data set contains sensitive data.
Managing Partner
Partner / COO
Partner / CTO
