Identity Finder, a provider of sensitive data risk reduction solutions, announced today that it has changed the company name to Spirion, and appointed Dr. Jo Webber as its chief executive officer (CEO). The company also announced the results of its enterprise sensitive personal information data audit. Spirion’s Data Platform was developed for CISOs, CIOs, and vice presidents of IT and IT Security to prevent the deliberate theft and accidental loss of sensitive information.
In today’s data driven world, information has massive advantages, including consumer convenience and business intelligence. But with that usefulness comes potential risk, including loss that can quickly lead to compliance violations and fines. According to Ponemon’s 2016 Annual Cost of Data Breach report, the per-record cost of a data breach reached $154 this year, up 12 per cent from last year's $145 and the average total cost of a single breach rose 23 per cent to $3.79 million. Compounding matters is the fact that sensitive data at many organisations are subject to uncontrolled sprawl, which further increases organisational risk and consists of:
- Excessive data collection beyond a business’ needs
- Rampant and uncontrolled data duplication
- Flawed business practices
- Long and unnecessary data retention
- Document/file/data sharing within and outside of an organisation
Spirion recently completed long term sensitive data audits at three of its largest enterprise sites, which included a large multinational manufacturer, leading healthcare technology company and a major university. During the audit, the company discovered that if left unchecked, every legitimate piece of sensitive data will create up to 1000 unnecessary copies. What’s more, the company found that if left unmanaged, for every legitimate user of sensitive data, up to 100 additional users will have access to it. These assessments are based on before and after audits of the implementation of Spirion’s Data Platform.
“To eliminate the risks associated with data proliferation, it’s important to first identify 100 per cent of an organisation’s sensitive data. Then start taking control by automatically classifying it according to your rules and policies,” said Dr. Jo Webber, CEO of Spirion. “Your solution should be able to remove extra, unneeded copies, stop additional sprawl at the time of creation, and apply appropriate controls and protection over needed copies. And monitoring and managing sharing should be able to be handled internally and integrate with a gateway DLP solution to leverage classification and stop external over-sharing and leaks.”
Rushing into data
“Companies that rush into data in motion DLP solutions without first eliminating their data sprawl and classifying their data, are wasting their time and money because these solutions do nothing to attack the source of risk and sensitive data sprawl, leaving organisations with immeasurable exposure,” said Garrett Bekker, senior analyst in the enterprise security practice at 451 Research. “When DLP is used in concert with sensitive data risk reduction software, organisations can better protect sensitive data from intentional or unintentional breaches while at the same time reducing its footprint.”
Rick Popko, Senior Account Manager at 10Fold