An internal data breach is the exposure of confidential information to an unauthorized user in an organization. We tend to think of confidential information as private information about a patient, customer, employee, etc. After all, nearly every country in the world has regulations specifying how private data can be stored, accessed, and managed. And, they can assess sizeable fines for noncompliance.
Organizations typically store personal identifiable information (PII) as records in an application database. A patient’s medical information, for example, is structured across cells in a medical application’s database table. This is why it known as “structured data.”
Protect your unstructured data
But sensitive information is not just PII; it also includes an organization’s confidential or competitive proprietary data. For example, not-yet-released quarterly sales results, future marketing plans, legal documents, and more. These word processing files, spreadsheets, presentations, media files, etc., cannot be structured in a database. They are stored in folders in a network file system or in the cloud. This type of data is known as “unstructured data.” It comprises about 80 percent of an organization’s total stored data.
Organizations largely protect and manage structured data from unauthorized access through an automated process. An example is an identity and access management system (IAM) that provisions and restricts access based on user identity and role. Conversely, they will secure unstructured data through NTFS permissions assignments in Microsoft Active Directory and Microsoft Entra ID for network folders, shares, and document libraries.
NTFS permissions increase the complexity of protecting unstructured data
It’s these extensive and complex individual NTFS permissions assignments that can be so challenging to manage. Sure, a network administrator can check which groups, and associated members can access a specific folder by viewing the folder properties. But with potentially thousands of folders, subfolders, and document libraries storing files with confidential, sensitive, and high-value data, reviewing these permissions individually is impractical.
How OpenText can help
That’s where OpenText File Reporter, a component of OpenText Data Access Governance, comes in. It has extensive reporting and analytics capabilities. File Reporter can identify all users who can access individual folders, subfolders, Microsoft 365 document libraries, their NTFS permissions. It can also identify how that access is derived. With these findings, information and security officers, network administrators, and department data owners can determine potential risks for internal data breaches.
OpenText File Reporter can present these findings in a variety of permissions report types. That way you can have the information you need to make the necessary changes to access permissions.
This capability has been incredibly useful to customers needing to perform regular vulnerability assessments on all of their confidential, sensitive, and high-value unstructured data and protect themselves from everything from inappropriate insider knowledge to insider misconduct.
With so much to lose – data security, competitive advantages, customers, employees, and reputation, as well as the potential for fines and lawsuits, organizations cannot risk the possibility of an internal data breach, especially when those risks are so easy to identify with OpenText File Reporter.
