BCD Travel
Enterprise organizations are faced with the challenge of understanding what is considered sensitive information and protecting the proliferation of that information. Identifying sensitive information, such as source code, patient information, financial information, product plans, drug formulas, or other intellectual property, is a difficult task that generally requires collaboration amongst information security professionals as well as business unit stakeholders. To further increase the challenge, sensitive information continues to change as products are released or milestones are reached, and the storage capacity requirements of today’s enterprise continue to increase at staggering rates.
Reconnex Data-at-Rest provides robust information security protection and visibility that allows enterprise organizations to not only understand where their sensitive data resides, but also help organizations understand what their sensitive data is.
Reconnex Data-at-Rest leverages the purpose-built, performance-oriented, hardened iGuard appliance family, deployed within the campus network, to crawl repositories where your information lives—laptops, desktops, file servers, NAS devices, intranet portals, wikis, blogs, document management systems, and more. The data stored on these repositories is indexed and violations to corporate policy are raised as incidents. Sensitive data can be deployed to adjacent data-in-motion devices and data-in-use endpoint agents to protect specific documents and their contents, even if the data is transposed or manipulated.
Reconnex Data-at-Rest helps you to protect your sensitive information, intellectual property, and privacy data, while also providing unique visibility into acceptable use violations. By providing visibility into and control over the proliferation of the information that is critical to your business, Reconnex Data-at-Rest helps uncontrolled proliferation of sensitive information such as intellectual property or privacy data, while also helping you to ensure that your corporate resources are used in a manner that conforms to corporate acceptable use policies. Incidents of data leakage continue to make headline news—costing enterprise organizations hundreds of thousands or even millions of dollars—not to mention the impact to the company reputation.
Consider the following real-world examples:
- In a highly publicized event, Gap Inc, a major clothing retailer, found that personal information for over 800,000 job applicants had been exposed due to a laptop theft.
- John Hopkins Hospital discovered that nearly 6,000 people’s personally-identifiable information and medical histories were compromised when a computer was stolen.
- Veterans Affairs found that tens of thousands of veterans had their information revealed when a VA laptop was stolen. It was against policy to have this privacy data stored on laptops.
- With a looming deadline for PCI compliance, organizations have struggled to find all sensitive card holder data that exists on company servers, information repositories, and workstations. The PCI Data Security Standard (DSS) demands that all card holder data be encrypted at rest, and that specific pieces of data not be stored at all.
- Major hospitals manually scan their systems to find patient health information (PHI) that may be stored in an unencrypted manner in their information repositories. Such scans are time-consuming, labor-intensive, and expensive, and prone to a significant number of errors—and oversights.
The Reconnex Data-at-Rest solution helps organizations protect information critical to their business, minimize proliferation of sensitive information, maintain compliance with industry and government regulation, and ensure acceptable use of corporate resources.
The Reconnex Data-at-Rest solution provides the following benefits to your organization:
- Better Adherence to Compliance and Regulations: Inappropriate storage or proliferation of privacy data, such as patient information, financial data, or customer information, are recorded and can be remediated. Reconnex identifies situations that put compliance with regulation at jeopardy, which helps minimize fees associated with compliance violations while reducing time to visibility, improving time to remediation, improving accuracy, and minimizing cost of compliance discovery.
- Understand and Identify Intellectual Property: The state-of-the-art Reconnex information capture database enables organizations to adapt as intellectual property or its sensitivity changes. With Reconnex, identifying intellectual property is streamlined, thereby allowing you better visibility and control in a shorter amount of time.
- Protect Sensitive Information: Propagation of intellectual property and other sensitive information is made known and can then be controlled, thereby ensuring competitive posture and brand identity are maintained. All violations are recorded and can be managed through the integrated Reconnex case management system, allowing multiple stakeholders to act upon a series of incidents.
- Ensure Acceptable-use of Corporate Resources: Storage of questionable content, including text, images, or other media files, is logged and incidents are generated. This allows organizations to examine what information people are storing and correct behavior that is not compliant with corporate acceptable use requirements.
- Historical Data Analysis: By providing a unique historical capture database, organizations can perform searches against laptops, desktops, and servers to understand what data is stored, improve rule accuracy, fix compliance issues, and identify what sensitive data may have resided on a compromised device.
Based on Reconnex's purpose-built turn-key iGuard appliance, the Data-at-Rest solution includes the following technology features:
- Architecture for Performance: Reconnex provides a high-performance, intelligent crawler architecture that helps minimize the amount of time necessary to identify compliance violations, acceptable use issues, or proliferation of intellectual property and other sensitive information.
- Simple Out-of-Box Experience: By providing an appliance form-factor, Reconnex data-at-rest solutions are simple to install, easy to configure, require minimal ongoing administration, and are less vulnerable than solutions that leverage off-the-shelf operating systems. Reconnex provides significant ongoing operational cost savings when compared to alternative solutions.
- Built-in Support for Identifying the Data That Matters to You: Reconnex Data-at-Rest provides a comprehensive policy and rules engine that understands a broad array of compliance regulations, intellectual property objects, and acceptable use violations without additional administration
- Powerful Document Registration Capabilities: Reconnex allows you to specify what information is sensitive and requires explicit protection. Data-at-Rest will then analyze and fingerprint this data, and send it to nearby data-in-motion and data-in-use devices to provide end-to-end comprehensive coverage and protection.
- Historical Capture Database: The Reconnex capture database enables learning applications and allows the administrator to perform queries against historical data for the purposes of forensics, investigations, search, rule and policy tuning, and understanding behavior.
- Fine-grained Controls and Flexible Content Definition: Reconnex provides flexible content definition to allow accurate detection of sensitive information through the use of content types, keywords, and templates. Concepts provide a powerful framework for defining structures of sensitive information, including regular expressions, proximity, locality, frequency, weights, and match percentage. Documents can be protected even if the information has been plagiarized, conjugated, transposed, or otherwise changed.
