What is Data Discovery?



Learn about data discovery and the role it plays in many data protection solutions in Data Protection 101, our series on the fundamentals of data security.

A Definition of Data Discovery

Data discovery involves identifying and locating sensitive or regulated data in order to adequately protect it or securely remove it. Data discovery is a priority for many enterprise security teams because it is a crucial component of compliance readiness. Data discovery involves auditing sensitive or regulated information, including confidential or proprietary data as well as protected data such as personally identifiable information (PII) or electronic protected health information (ePHI). Data discovery enables security teams to identify this information in order to protect it and ensure its confidentiality, integrity, and availability.

The Need for Data Discovery

In today’s era of remote workers, business is frequently conducted in the cloud and file sharing and storage are the norm. This poses a challenge to enterprises that need to know precisely where their sensitive or regulatory data resides. Considering the interconnectivity that exists today between business processes, data is placed in several systems, applications, databases, and shared files, making its protection, authentication, and confidentiality a challenge for enterprises. Data discovery is a solution for identifying a company’s data in full and making sure that the appropriate controls are in place for security best practices and regulatory compliance measures.

Data Discovery Enables Context Aware Security

The true goals of data discovery, therefore, are to identify and classify data in order to make determining the threat, the affected resources requiring protection, and the fallout of potential data leaks more manageable. In 2012, Gartner predicted the need for context aware security, due to cloud computing, IT consumerization, and the quickly evolving threats to sensitive enterprise data. Gartner touted context aware security as being “able to cope with emerging threats and evolving business requirements for greater openness.” Gartner also suggested that CISOs begin moving toward context aware and adaptive security infrastructure, coupled with secure web gateways and endpoint protection platforms to replace older, now-insufficient static security infrastructures like firewalls.

Gartner analyst Neil MacDonald described context aware security as “the use of supplemental information to improve security decisions at the time they are made, resulting in more accurate security decisions capable of supporting dynamic business and IT environments.” Gartner was right: by having a full understanding of contextual factors such as file type, sensitivity, user, and location, security teams and the solutions they employ can make more effective and timely decisions when protecting information across a wide range of use cases. Data discovery provides much of these contextual clues by identifying sensitive and regulated data requiring protection.

Benefits of Data Discovery with Context Aware Security Solutions

Enterprise data is moving from one location to another at lightning speed and is being stored in countless devices and cloud storage applications. Employees, partners, and customers are accessing this data from anywhere and at any time, so identifying, locating, and classifying that data in order to protect it is the primary priority of data discovery security solutions.

The benefits of data discovery and context aware security solutions are far reaching and include:

  • Enhancing the process of understanding the data the enterprise owns, where it is stored, who can access it and where, and how it will be transmitted
  • Applying pre-defined classifications and protection policies to enterprise data
  • Continuous and comprehensive monitoring of data access and activity
  • Automatic data classification based on context
  • Risk management and regulatory compliance
  • Complete data visibility
  • Identification, classification, and tracking of sensitive data
  • The ability to apply protective controls to data in real time based on pre-defined policies and contextual factors

Enterprises today are creating data at unprecedented rates, making data discovery all the more critical to maintaining a firm grasp on your company’s security requirements. Data discovery enables enterprises to adequately assess the full data picture and implement the appropriate security measures to prevent the loss of sensitive data and avoid devastating financial and reputational consequences for the enterprise.

Nate Lord

Please post your comments here

Digital Guardian for Compliance Technical Overview

Get the technical details on how Digital Guardian solutions protect on the network, at the endpoint, in the cloud, and discovers sensitive data.

Download Now
Related Articles
What is Business E-mail Compromise? How It Works, Best Practices for Protection, and More

Learn about business e-mail compromise attacks in Data Protection 101, our series on the fundamentals of information security.

What is Deep Packet Inspection? How It Works, Use Cases for DPI, and More

Learn about deep packet inspection in Data Protection 101, our series on the fundamentals of information security.

What is Threat Hunting? The Emerging Focus in Threat Detection

Threat hunting is a relatively new focal area in information security. Learn about this component of threat detection in our Data Protection 101 series.