Virtualization Technology News and Information
Article
RSS
Digital Shadows Launches Sensitive Document Alerts With Added Context

Digital Shadows has today launched new capabilities to alert its customers to potential document exposure. Misconfigured file stores containing companies' sensitive documents are highly sought after by cybercriminals, due to the high value of the material they contain. Some examples found by Digital Shadows include payroll data, company tax documents, and proprietary product designs.

Sensitive documents are typically password-protected, are encrypted, or can only be opened by the intended recipient with log-in credentials. While these controls can be effective, sensitive documents are frequently compromised in transfer or back-up processes and then are widely traded by cybercriminals.

Digital Shadows SearchLight already detects exposure of a protectively marked document (i.e. a document that says "private and confidential" or another identifier). From December 1st, two new alert types will be added for exposed technical documents (including security assessments and product designs) and exposed commercial documents (such as legal and payroll data). These documents do not need to have protective markings to be identified and associated with their organizations.

Additionally, the new alerts contain context on the documents' contents, providing clients with greater insight as to the severity of the alert. If a technical document is leaked, for example, the alert will note that it is a product-related document and assign it a high risk-prioritization score. Further context will also include when the document was last seen - and whether it is still online. Lastly, clients will receive domain information and file metadata, which can help to understand the original author and creation date of the misconfigured file store.

Russell Bentley at Digital Shadows explains: "Every day more product designs, security assessments, and payroll data are exposed online - and organizations have no idea. We give them new visibility into this problem and provide the best ways to mitigate the risks."

The new capabilities discover ten document categories. Seven pertain to ‘exposed commercial documents' and include alerts and insights for exposed financial, legal, personnel, and project information. For technical documents, there are three categories for infrastructure, products, and security. These new alert types benefit from SearchLight's existing document discovery and analysis technology such as the ability to discover documents that sit within an archive file (such as a .zip).

Published Monday, November 23, 2020 8:50 AM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<November 2020>
SuMoTuWeThFrSa
25262728293031
1234567
891011121314
15161718192021
22232425262728
293012345