Securing Sensitive Data Across a Distributed Endpoint Environment

By: Neeraj Annachhatre | 9/7/2021 | 4 min read

With organizations embracing the new work-from-anywhere era by offering employees more flexible working options - whether they be 100% remote or hybrid plans - the job of IT and security teams to manage devices and secure sensitive data is now even more challenging given the distributed environment. Assessing fleet-wide sensitive data risk is already a major headache for practitioners due to the difficulty in reliably identifying sensitive files and keeping track of their movement on a daily basis.

Absolute’s 2021 Endpoint Risk Report paints a troubling picture as it relates to enterprise data exposure, highlighting a 111% annual increase in sensitive files being stored across devices, and 73% of devices, on average, containing sensitive data at any given time. The same problem exists across industry types as well, with financial services and professional services firms having the highest share of devices containing sensitive files, at 81% each.

The phrase “sensitive data” can refer to a few different types of information depending on the organization’s operational and business environment. In a general sense, these can include personally identifiable information – often called PII – such as social security details, personal financial data, or health information. It can also refer to corporate information such as intellectual property or customer/client data such as order details or financial records. Having any of this fall into the wrong hands, whether they be threat actors looking to leverage information to initiate a ransomware attack or unauthorized personnel, can have a direct impact on the organization’s reputation, finances, and business prospects going forward.

Furthermore, organizations have a responsibility to conform with data regulations mandated through frameworks relevant to the industry and geographical area in which they operate. Examples include the likes of GDPR for organizations operating or having customers based in the EU region; HIPAA for healthcare organizations; CJIS for law enforcement; and CIPA within education. An inability to do so can lead to severe repercussions in terms of very real financial penalties and subsequent negative press that can damage the organization’s viability. Penalties to settle HIPAA violations in 2020 alone exceeded $13.5 million while GDPR penalties totaled €158.5 million during that period.

With these challenges in mind, IT and security teams require the means to perform regular data risk assessments to ensure any sensitive information stored across their endpoints is never exposed. The Absolute Erase solution includes a set of capabilities that enable administrators to remotely identify and secure sensitive data across their endpoints. Key use cases include:

  • Identifying and protecting sensitive files across a distributed device environment
  • Identifying vulnerable devices based on at-risk data, security posture and device status
  • Complying with regulatory frameworks such as GDPR and HIPAA

Absolute Erase’s primary feature, called Absolute Endpoint Data Discovery, executes regular scans to search for files containing sensitive information that is most relevant to the organization, whether it be PII, or even corporate or customer details. Specifically, the feature searches for matches of particular expressions or lexicons that are part of Endpoint Data Discovery templates chosen by the user during configuration.[1]

Users can select from a group of Absolute-defined templates such as Social Security or Personal Health Information, or configure their own templates based on internal data policies or regulatory frameworks. Once the feature is configured and active, matched information can be assessed via customizable reports available through the Absolute console. Users can also combine this data risk information with other security-related telemetry available through the console, such as anti-malware and encryption status, to holistically identify the most vulnerable devices in their environment and take swift, protective action.
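The template-driven matching described above, sketched as an added example that is not Absolute's code: each template pairs expressions with a lexicon, and the report carries only per-category match counts, never the matched values. The template names, patterns, validators (added here as an assumption, to cut false positives) and sample files are all constructed for illustration.

```python
import re
from collections import Counter

def ssn_ok(s: str) -> bool:
    # Structural SSN rules: no 000/666/9xx area, no 00 group, no 0000 serial.
    area, group, serial = s.split("-")
    return area not in ("000", "666") and area[0] != "9" and group != "00" and serial != "0000"

def luhn_ok(s: str) -> bool:
    # Luhn checksum used by payment card numbers.
    digits = [int(c) for c in s if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

# Hypothetical templates (names and patterns are assumptions for illustration):
# "expressions" are (regex, validator) pairs, "lexicon" is a keyword list.
TEMPLATES = {
    "social_security": {"expressions": [(re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), ssn_ok)], "lexicon": []},
    "payment_card": {"expressions": [(re.compile(r"\b\d{4}(?:[ -]?\d{4}){3}\b"), luhn_ok)], "lexicon": []},
    "personal_health": {"expressions": [], "lexicon": ["diagnosis", "patient id", "prescription"]},
}

def scan_text(text: str) -> Counter:
    counts = Counter()
    lowered = text.lower()
    for category, template in TEMPLATES.items():
        for pattern, validator in template["expressions"]:
            counts[category] += sum(1 for m in pattern.finditer(text) if validator(m.group()))
        for term in template["lexicon"]:
            counts[category] += len(re.findall(rf"\b{re.escape(term)}\b", lowered))
    return counts

def scan_files(files: dict) -> dict:
    # Report per-file category counts only; matched values are never returned.
    return {path: {c: n for c, n in scan_text(body).items() if n} for path, body in files.items()}

SAMPLE_FILES = {  # constructed sample content, not real data
    "hr/onboarding.txt": "Employee SSN 123-45-6789, backup ref 000-12-3456, ticket 987-65-4321.",
    "finance/refunds.csv": "card,4111 1111 1111 1111\ncard,4111 1111 1111 1112\n",
    "clinic/notes.txt": "Patient ID 55; Diagnosis pending, new prescription issued.",
    "readme.txt": "Nothing sensitive here.",
}

if __name__ == "__main__":
    for path, counts in scan_files(SAMPLE_FILES).items():
        print(path, counts)
```

In the sample, two SSN-shaped strings and one card-shaped string are rejected by the validators, which is why a bare pattern count would overstate exposure.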

Absolute Erase also includes a set of integrated actions for users to remotely execute across their devices. These include the ability to freeze a device to render it inoperable, delete specific files containing sensitive information, or securely wipe the drive if the situation demands. Absolute’s Device Wipe leverages an innovative erasure method called Cryptographic Erase, involving the removal of encryption keys to wipe an encrypted drive while conforming with NIST guidelines for media sanitization (NIST SP 800-88).

To learn more about Absolute’s solutions for distributed endpoint environments, check out the Absolute Learning Hub for videos on Endpoint Data Discovery highlighting use cases and best practices. You can also view the Endpoint Data Discovery FAQ, Device Wipe datasheet and Absolute Help for additional information on how to set up and leverage the features.

[1] Note that Absolute does not retrieve or store files from endpoints. Endpoint Data Discovery simply scans devices for matched tokens and showcases matching counts in each category through reports via the Absolute Console.

 

 
