This type of data can come from all levels within the organization and from partners in the value or supply chain, which is why controlling what, who, how, when, and where people can access information becomes a manual, laborious, and excessively expensive task. Yes, it seems like a difficult task, but then, what is the best posture? Do we ignore it or do we have to take control of the situation?

The price of staying in the comfort zone

At the beginning of March 2022, Microsoft published an article about the most common challenges that organizations face when protecting sensitive information.  These can include security breaches that generate high costs, negative impacts on the price of the actions and fines imposed for violations of regulations such as GDPR and CCPA, as well as loss of reputation by customers who are victims of identity theft, credit card fraud, and other malicious activities resulting from such breaches (Microsoft shares 4 challenges of protecting sensitive data and how to overcome them – Microsoft Security Blog). In 2021, the number of data breaches increased by 68% (the highest in 17 years) at an average cost of $4.24 million each (Cost of a Data Breach Report 2021, Ponemon Institute, IBM. 2021). Likewise, the article indicates that around 45 million people were affected by medical data breaches, triple the number affected just three years earlier (Cyberattacks Against Health Plans, Business Associates Increase, Jill McKeon, HealthITSecurity xtelligent Healthcare Media. January 31, 2022).

A journey to effective protection

Given this scenario, the right choice is to build a security strategy that, in addition to helping protect the company’s sensitive information, establishes and strengthens the governance of identities and data to help Chief Information Security Officers build and maintain control over the actions that are executed regarding sensitive information, with personalized policies, automated processes, and rich data to support decision making.

To achieve this, we must undertake a journey that includes a detailed stop at each station along the way. However, it is not enough to want to make the trip; it is vital to select a conveyance (the solution) that accomplishes the expectations of the traveler (the organization) and that has the technical and technological capabilities required to overcome the obstacles along the way, and arrive at the destination where a welcome cocktail awaits (the effective and proactive protection of sensitive data).

Introducing E-Inspector: the next generation jet

E-Inspector is a solution developed by Synergy Advisors with advanced capabilities to facilitate the automated discovery, audit, and protection of sensitive data, stored in the cloud or on-premises. E-Inspector is the next generation jet that constitutes the appropriate conveyance for the secure journey to the protection of sensitive data.

This solution has protection capabilities based on MIP (Microsoft Information Protection) technologies that enable you to take control of the data no matter where it is, and guide the protection strategy through 3 stations that make up a secure journey:

• Discovery: E-Inspector identifies where your sensitive files are located and provides data about the number, type of files, and their attributes (owner, time, last modification, etc.).

• Assessment and audit: Classifies data and metadata and inspects content for sensitive information.

• Protection and response: Automatically applies the required encryption according to the content of the document. This automates and streamlines the entire process, and builds a detailed inventory of the repository, including which files were encrypted. Likewise, it enables changes to be made to the analyzed files in terms of protection, classification, and content protection policies and direct actions on the files such as copying, moving, deleting, and changing owners without removing the encryption of the files.

Through the execution of the previous 3 phases, E-Inspector comprehensively optimizes and automates the management of sensitive information, including an information governance component that acts on identities and data and enables the definition of centralized policies to support inspection capabilities in the cloud and on-premises, while offering data-rich inventory, workflow-based actions that go beyond content protection, and a reporting and analytics layer delivered through Power BI.