As the volume of unstructured data such as files in File Shares or documents in Microsoft SharePoint continues to grow, organizations are faced with managing increased data security and information governance risks. One of the more potentially dangerous risks for organizations in the Microsoft Windows world are open shares or folders that are accessible by poorly defined and managed default global access groups like “Everyone,”"Domain Users” and “Authenticated Users.” To shut down these potential security and compliance risks, organizations may use Symantec Data Insight in five specific ways to manage the inherent ownership, usage and permissions risks present in today’s unstructured data and SharePoint environments.
The number of organizations who are looking to adopt Microsoft SharePoint is, in a word, overwhelming. A 2010 survey found that 90% of the respondents already use SharePoint with the adoption rate of SharePoint expected to reach 97% in organizations in the next few years. This rapid adoption is driven in large part by the collaboration benefits of SharePoint.
However, SharePoint alone does not necessarily address key security concerns arising from collaboration. For example, monitoring which users or groups of users have open access to what data is not a management feature natively found in SharePoint. As such, the issue of open shares persists in SharePoint environments though it is referred to as “open sites” when used in this context.
This is why Data Insight’s permissions analytics and reporting for File Shares and SharePoint remain a necessity to mitigate the types of risks these open shares and sites present. Data Insight gives organizations the insight they need into who owns what data in their unstructured data and SharePoint environments as well as the reports they need to understand how it is being used and accessed. Armed with this information, organizations are empowered to manage their data in a manner that complies with corporate information governance requirements.
The five ways in which Data Insight closes the door on the risks presented by open shares and open sites are as follows:
- Efficiently scans the environment. Normally when organizations try to discover what open shares or open sites exist in their environment they have to undertake the complicated and time consuming task to scan the entire environment.
Data Insight bypasses the need for organizations to perform this scan. Instead it auto-discovers File Shares or SharePoint sites by utilizing native APIs to collect file transaction data and making use of more efficient incremental scan techniques. Data Insight then indexes the usage and permissions data that it then makes available for organizations to identify open shares exist.
- Customized reporting. Each organization defines “open shares” is a slightly different manner. As an example, one organization may place an arbitrary number of users on a file that it defines it as “Open” where as another organization may be more granular or specify the presence of global groups such as “Everyone” in its definition.
Since Data Insight collects, indexes and then enables organizations to then search the activity and permissions data on these open shares. To accomplish this, organization may create customized searches and reports that identify potential open shares based upon that its specific definition of an open share.
- Dashboard metrics. Once an organization scans its environment, Data Insight’s dashboard displays users, file servers, the shares for each file server and the open shares based upon the organization’s specific definitions. Additionally the dashboard metrics reveal new occurrences of open shares, how many files are in an open share, how often a file is access and the last time it was accessed so an organization may determine the best course of action to properly securing this data.
- Integration with Symantec DLP Network Discover. Having identified which open shares represent the highest potential risk, organizations may then employ Symantec Data Loss Prevention (DLP Network Discover) to do a more detailed investigation of these shares to determine whether confidential data is present in those shares and to further reduce the risk that the confidential data in these files presents.
- Facilitates lockdowns. Once an organization has identified open shares with Data Insight and completed a comprehensive scan with Symantec DLP Network Discover, it may then use Data Insight’s ownership and usage analytics to engage the data owner (s). Using this information, they may then determine the business impact of removing or adding permissions.
As the volume of unstructured data continues to grow, organizations are faced with managing its increased data security and information governance risks. Among these risks, the issue of managing open shares/open sites remains particularly acute especially as File Shares and SharePoint continue to proliferate.
This is what makes the introduction of Data Insight into any enterprise environment a necessity in both existing unstructured data environments as well as in growing SharePoint deployments. Data Insight provides organizations with a comprehensive, detailed view into these two disparate environments from a single portal so they have the information they need. Armed with it they may then take the steps necessary to manage their data in a manner that complies with both internal and external corporate governance requirements while still enabling their users and applications to operate without interruption.