Those of you who have been following me for a while know that I am a proponent of data discovery tools, and Data Loss Prevention tools where appropriate. I partnered with one while running the consulting business at VeriSign, and worked with the teams at RSA that developed their product. I even talked about finding the data as the security equivalent to Dave Ramsey’s first Baby Step for security. It’s becoming even more critical with PCI DSS 3.0 as data flow maps must be maintained and validated (to some degree).
At Sysnet, we have tools for doing all kinds of scanning including data discovery scans. One of the challenges with most of the DLP solutions available is that the vendor wants you to buy the whole thing and it is a challenge to deploy the agents. In addition, many of the agents are platform or format specific which limits the effectiveness of the tools themselves.
Ultimately, data discovery is probably more important today than it was a few years ago given the impact that BYOD and cloud-based apps have had in increasing unintended data sprawl in our organizations. My question to you: How well do you know where your data lives, where it goes, where it ends up, and how it dies?