As organizations adopt a hybrid model for their infrastructure, they grapple with massive data fragmentation, making it impossible to know where sensitive data resides. At the same time, the increasing risk of data privacy breaches and non-compliance with regulations can impose serious financial penalties. Sensitive Data Monitoring is an application in the Rubrik Security Cloud that discovers, classifies, and reports on sensitive data without any impact on production. By leveraging their existing Rubrik deployments, customers get up and running in just a few minutes with zero additional infrastructure required.
Sensitive Data Monitoring is available as an application in the Rubrik Security Cloud.
Well, after the cyber incident response, you shouldn't be surprised to receive a call from the Legal and compliance teams during business as usual times. The compliance team never sleeps! With so much data, they always need to ensure that ZFG complies with the required regulatory bodies and that files do not have open access.
Let's look at how you can use the same tool to keep your legal and compliance team happy.
Click Sensitive Data from the top ribbon. Click Windows File Share > C > File Shares.
You must have noticed that Departments, HR Share, and Public share folders have open access and sensitive hits. Click HR Share (A). You can drill down to find the exact affected object and what kind of violations the object has, along with which users have access to the files (B).
From the top right, download the files with hits. You can attach the file which has the list of all the files which have sensitive hits and/or open access.
One thing is for sure HR shares should never be accessible by everyone!
With open access to files, especially sensitive data, you are exposing your data to attackers and failing compliance mandates.
Based on the report, you can select the proper access control and location of sensitive data to protect your ZFG assets!
Sensitive Data Monitoring can be used in war and peace times without additional agents and on the backup data without affecting your production environment!
By accessing the Anomaly Detection app, you have already established the timeline for the cyber attack. You are already aware that the attackers have encrypted files for Haverford. The legal team would like to know what kind of sensitive information the attackers have access to and encrypted.
To get started, navigate to Sensitive Data from the top ribbon (A).
Click zaffre-webapp-01 (B).
Click Sensitive Files hits to change the order from ascending to descending (C).
You will observe that there are 0 sensitive files at this moment.
Now, let's change the snapshot to before the attack. From the dropdown menu for time, select the 1st snapshot (be sure to select the first day and first time for the snapshot).
You can see that there were sensitive files present in the var folder, which the attackers now encrypted!
You can download the list of files with hits by using the Download CSV For Files With Hits button on the top right.
Now you have provided the legal and compliance team with the ammunition to get to the bottom of the data access issues.
With Sensitive Data Monitoring, there is no additional lift to get access information.
There is no impact on production data or the performance of the system.
The same app can scan 10-100's objects that are protected by Rubrik.
