Data Risk Assessments
A Data Risk Security Assessment, or eDiscovery, helps organizations locate certain business-critical or protected information within their IT systems and networks.
WHY YOU NEED IT
If you aren’t 100% certain where all of your data is, how can you be sure it’s protected? Organizations that collect, store or share sensitive data, such as healthcare organizations, banks, law firms and more, are a target for cybersecurity breaches that aim to steal or infect critical data. Whether your organization is on the collecting or receiving side of this sensitive data, there are standards and requirements you must follow to ensure its confidentiality. For organizations that share Personally Identifiable Information (PII) with other companies, it’s important to consider those vendors’ regulatory compliance requirements, security protocols, privacy regulations, risk appetite and organizational policies. Without a thorough understanding of these components, your own risk appetite or the amount of risk you’re willing to accept for this vendor increases, putting your own organization’s reputation on the line.
HOW WE CAN HELP
Our PII searches identify and protect sensitive data on systems, computers and servers to reveal possible preventative and remedial measures that should be taken to secure and protect this data. We can identify occurrences of Social Security Numbers, credit card numbers, information designated as protected and other types of sensitive data. We can also take your vendors into account, assessing their risk classification. This process will take place over a few months and includes distributing vendor questionnaires, establishing scope of services, analyzing and verifying documentation, meeting with vendors, verifying vendor remediation, submitting final vendor report and providing ongoing vendor management and screenings.
OUR DATA RISK ASSESSMENTS
- Identify business-critical or PII within your system and network
- Securely encrypt, shred, redact or quarantine the data
- Regularly monitor and audit employee access to personal information
- Prevent unauthorized access to personal information
- Enforce secure access control measures that restrict access to records and files