Identify the Risk!
How can I start?
Why do I need a Data Risk Assessment?
To mitigate risks, protect sensitive business information and ensure effective information governance, you must be able to accurately identify all sensitive data and know how it’s used across your organization.
The challenge is that sensitive data can exist in many forms — including spreadsheets, Word documents and PowerPoint presentations — and can reside anywhere across your organization. To make matters worse, sensitive data quickly assumes a life of its own. It may be stored incorrectly, accessed by unauthorized people, or leaked through public file shares, email or other means.
If you can’t pinpoint your sensitive data, understand how it’s used across the organization and then define and apply appropriate policies to it, your company may be exposed to significant business, legal, regulatory and reputational risks.
To reduce your data-related risks, you should be able to answer a variety of critical questions, including:
- Where is my company’s sensitive business data actually located?
- Can I identify and effectively manage all copies and versions of sensitive business documents?
- Are all my sensitive business documents appropriately protected?
- Who is actually accessing sensitive business data? And who has access rights on this data?
- To whom is sensitive business information being sent?
- Are the correct security and retention policies being applied to sensitive information?
- Can I prove this to an outside auditor?
The answer all of these questions means to start with an "Classify first" activity and get as an result the Data Risk Assessment Report. This specific analytically report will help you with your conclusions and data strategy.
The Data Risk Assessment Service
The Data Risk Assessment is a service delivered by Nogacom certified Professional Services experts who analyze your company’s business data environment, using the NogaLogic solution. At the end of the assessment process Nogacom provides a detailed report that tells you what sensitive documents you have, where they are stored, who has access to them and who has actually accessed them, and to whom they are being distributed. The report also provide specific recommendations for actions you can take to mitigate risk exposures, significantly improve your information security and comply with regulatory mandates for data protection.
What do I have to do?
- Provide access to the analysing data (up to 1 TB)
- Provide access for extracting the Business Entities (Databases, Active Directory)
- Add further business and infrastructure knowledge to our Professional Service
- Describe the data risk you are currently fearing
- Did already happend a data leakage?
The whole procedure will be an effective, quick and cost-efficient way for your company to identify and assess your organization’s sensitive information risks. To get granular insight into your current information risk levels and their root causes. Detailed recommendations on how to optimize data security policies and reduce your company’s exposure to security risks will be the summarizing result.