Enterprises today have no or little visibility into what’s happening across their unstructured data. While enterprises are mandated to meet regulatory requirements such as General Data Protection Regulation (GDPR), Personal Data Protection Act (PDPA) and internal audit requirements around data protection, enterprises are simply not ready to protect data in this form because they just don’t understand where these data resides, who owns these data, number of duplicate copies and most importantly, how sensitive these files are.Fálaina’s Data Analytics and Compliance Manager (DACM) helps organizations implement data security controls required to mitigate the risks and threats for unstructured data within the organizations. Fálaina’s DACM helps discover unstructured data to understand the data file format (data silos) and provide complete visibility on who’s who, what’s what and who has access to unstructured data in order for enterprises to address their audit and compliance requirements.Fálaina’s DACM focuses on implementation of data access security, data classification and discovery, activity monitoring and audit for unstructured data within file shares such as Microsoft Windows File Servers, Microsoft Sharepoint Servers and other file shares in the cloud.

Fálaina’s DACM and its integration with Identity Governance and Administration technologies enables it to provide comprehensive solution that ensures enterprise data is secure for business transactions no matter where they resides.

 

Complete discovery and profiling of enterprise unstructured data

Fálaina’s DACM discovers and profiles unstructured data that resides in Microsoft Windows File Servers, Microsoft Sharepoint Servers and other file shares in the cloud. This is the first step organization should take to understand the unstructured data within their enterprises.

The discovery process identifies all unstructured data such as folders and files, Sharepoint resources, contents and sites along with its attributes such as content/file type, ageing, created by/modified by and so on.

Following this discovery, Fálaina’s DACM completes the profiling based on the plug-ins for particular target systems. Profiling includes classifications of asset/data, who has access to what, last access date/time and sensitivity of the asset/contents and finally the data owner.

Data classifications can be automated based on policy supported by each plug-ins. Such policy can be based on name, keywords, location of the contents/files and active users.

Understand who have access to your data (Entitlement Catalog)

Fálaina’s DACM entitlement catalog displays the actual access rights granted to any individuals including employee and non-employees for unstructured data
access along with application and system access. Access rights granted also referred to as authorizations, privileges or permissions.

The DACM entitlement catalog displays employee identity data along with their detailed access rights for folders and files which was discovered and reconciled as part of the
discovery process. DACM entitlement catalog gives the ability to drill-down access rights down to any level of folders and files.

Other information displayed in the entitlement catalog includes access to sensitive folders and files. List of sensitive folder and files are based on rules and policies defined.

Fálaina’s DACM also provide facilities to assign owner for orphan folder and files, which at times can be sensitive in nature.

Review and remediate unauthorised access

Fálaina’s DACM facilitates access review and certification processes for unstructured data access.

The solution allows the reviewer to run certification campaign by user, resource (folders and files) and data classifications. Organization able to detect unauthorized access and able to implement remediation as part of the review process. Review of unauthorized accesses can be done by the resource owner or manager.

Other capabilities include workflow integration and attachment management. The DACM’s review and certification processes includes close-loop remediation process via workflow process, provisioning event or email notifications.

Integration with Identity Governance and Administration for complete Data Access Governance

Fálaina’s DACM is integrated with IGA products such as IACM, ILM and PAM. These integration enables implementation of access request management and
workflow, unstructured data access rights review, monitoring of privileged users access for administration activities and comprehensive analytics using dashboard and reporting capabilities.

Monitoring user privileges and activity

Fálaina’s DACM access rules set out by the data security policies are crucial guides for monitoring the privileges granted to users with access to the data. For example, this is important for checking for changes to Microsoft Active Directory group membership or individual privileges to ensure they match requirements associated with business role, data type or geographic location.

This is important to detect potential insider abuse or external hacking activities. Integration with Fálaina’s Privileged Access Manager (PAM) is critical to build analytics capability to detect insider misuse or hacking.

All administrative activities on Microsoft Windows File Server via Microsoft Active Directory Server group permission now can be secured and monitored via PAM to ensure audit trail and reporting purposes.