Data loss prevention should start with one question: Where is the sensitive data?
announced Feb. 12 the release of its 8.0 platform, which includes new dynamic classification system and sensitive data watch capabilities. The Identity Finder platform enables enterprises to identify sensitive information in order to take the appropriate steps to prevent data loss or leakage.
"With this release, we're focused on more than just DLP [data loss prevention]," Todd Feinman, CEO of Identity Finder, told eWEEK
. "We're now focused on more of the entire life cycle of sensitive data management."
Feinman said that Identity Finder is properly classified as a sensitive data management vendor. With the Identity Finder 8 release, the platform includes data discovery, classification, monitoring and protection capabilities. On the discovery piece, Identity Finder 8 now includes a dynamic classification system that expands on where the platform is able to search for data and what types of data it is able to find.
The dynamic classification system is performed in real time. Feinman explained that there is a Windows service that runs in the background, and when new data is saved to the hard drive, the service immediately does a check to analyze and classify the data. The service can be used to monitor data written to a network file share server as well.
The classification data is aggregated to a sensitive data management console for centralized reporting across an enterprise.
"The console provides full insight into everything, even if the data is only stored on one user's desktop or on a file server," Feinman said.
From a protection perspective, the Identity Finder console has an API that can potentially be leveraged by other technologies to understand which data is sensitive. Feinman noted that Identity Finder does partner with endpoint security product vendors. In particular, he said that Identity Finder can be leveraged by encryption vendors to help identify the sensitive information that needs to be encrypted in an enterprise.
If, for example, an enterprise using Identity Finder discovers data that has a Social Security number (SSN) in it, there are several steps taken that can help protect against the data's loss, though actually blocking transmission of the data is not part of the platform. There is an overlay icon that shows up on the user's desktop that will identify to the user that a given piece of data has sensitive information in it, like the SSN, according to Feinman.
"We don't have a technology that prevents the user from attaching the sensitive document to an email that leaves the organization," he said. "That's where traditional DLP products work differently from us."
Feinman said that Identity Finder isn't trying to block the email message with the SSN in it, but rather is trying to change user behavior, so users understand what data is sensitive.
"Our real hope is that employees start to think about the sensitive data they have on their computers that might be a risk," he said. "We want to help make users aware of the data that's on their system through the data classification process."
Sean Michael Kerner is a senior editor at
InternetNews.com. Follow him on Twitter @TechJournalist.