Whether you are working in a bank, credit agency, or other financial organization; finding and securing financial related data can be a challenge. Locating where your sensitive data resides is the first step in beginning to classify and protect it. Having effective sensitive data discovery is a crucial piece of any data loss prevention (DLP) strategy.
Why do I need to worry about my sensitive data?
Working in finance means you are accustomed to dealing with sensitive financial data and the regulations associated with it. From credit card numbers to bank account numbers, banks and finance companies see a multitude of financial related data. Some of the more commonly known standards and regulations are:
- PCI-DSS (Payment Card Industry Data Security Standard) – PCI is often the first thing that comes to mind when working with financial data, it is certainly something you should be aware of if handling payments, billing, etc. This standard highlight twelve security controls designed to protect payment related information, most commonly seen as credit cards. Credit card numbers are highly sought after by attackers, where the value can rise to over $100 for each card number.
- Sarbanes–Oxley Act (Sarbanes–Oxley Act) – This act, in response to the Enron and WorldCom fallout, was designed to provide oversight on the financial reporting. Its purpose is to review legislative audit requirements and to protect investors by improving the accuracy and reliability of corporate disclosures. Also known as Sarbanes–Oxley, Sarbox or SOX.
What happens when sensitive data is stolen?
The financial sector is no stranger to data breaches and leaks, and even some of the biggest players have difficulty protecting their data. In July 2019, Capital One suffered one of the largest data breaches in this sector, giving up over 140,000 Social Security numbers, 80,000 bank account numbers, and 1 million Social Insurance Numbers to an attacker. But even this is a mere drop in the bucket when you look at Equifax’s historic 2017 breach of 143 million consumers, and Heartland Payment Systems’ 2008 breach of over 134 million credit cards.
Attackers know the value of a stolen credit card, and banks and others in the financial sector are lucrative targets. Experian reports that the value of a single credit card can range from $5 to $100, and online payment services account such as Paypal can fetch up to $200.
With financial records being high value targets, it should come as no surprise that data loss prevention and sensitive data scanning are critical for any financial organization. That being said, implementing a successful DLP program can still be challenging. Most financial organizations have hundreds or thousands of assets, and finding every location where someone has saved or worked with sensitive data is difficult.
What is the solution?
Seeker is a Data Loss Prevention and Sensitive Data Discovery tool built to help organizations find sensitive data like credit cards and bank account numbers on a variety of assets. Seeker offers a straight forward, no non-sense, license model, allowing financial organizations of any size to scan an unlimited number of hosts. With the ability to scan both Windows and Mac devices, file shares, and databases; Seeker is the ideal solution for organizations looking to deep dive into data loss prevention.
Ready to start? Download a free 30-day trial to see how quickly Seeker can find where your sensitive data is hiding.
https://finance.yahoo.com/news/lesson-capital-one-data-breach-164950916.html