With compliance standards driving more and more organizations to directly tag their data, StealthAUDIT’s Sensitive Data Discovery allows you to easily locate and understand the data that was important enough to tag in the first place.
The configuration for sensitive data discovery is located within the Criteria Editor. To get there navigate the Job Tree to the 1-SEEK System Scans job located in Jobs > FileSystem > 0.Collection. Open the Query Properties as shown below:
From here, select SDD Audit Criteria Settings and then the Edit button to open the Criteria Editor:
Now we can setup our custom Keyword Criteria using the Add (+) button in the top left.
Now I want to select a set of word typically associated with Sensitive Data Tags like:
- top secret, secret, confidential, restricted, protect, unclassified, private, official, clearance, classified, sensitive, controlled
These words are commonly associated to sensitive data and can easily be copy/pasted into the criteria editor. Or you can configure with your own distinct keywords.
*Note: Here I have set the Criteria to only analyze File Metadata, selected in red. If you set the SEEK scan with only this criteria, it will run faster as it is only scanning metadata and not the contents itself.
Now not only will you be able to view any and all tags with our standard File System Access Audit Scans:
But, you can now isolate the files with the critical tags that are most important to you and your organization:
*Note: Now these files are treated as sensitive and will be highlighted with additional information such as openness, highlighted in yellow.
Request a demo of StealthAudit to learn more: https://go.stealthbits.com/demo-request-StealthAUDIT
Don’t miss a post! Subscribe to The Insider Threat Security Blog here:
Jeff is a Senior Engineer at STEALTHbits.