Tizor’s New Discovery Service Helps IT Locate Sensitive Data, Identify Risks

Spotlight on potential dangers in user behavior with data improves enterprise compliance and security initiatives

Tizor Systems has released the Tizor Discovery Service which includes a risk assessment scorecard. According to the company, the service helps enterprises locate sensitive data assets, identify risks with current operating practices, and develop plans to mitigate those risks -- all activities that are key to complying with regulations such as the Payment Card Industry (PCI) Data Security Standard and the Gramm-Leach-Bliley Act (GLBA).

With sensitive information scattered across the enterprise, sensitive information can reside in databases and file shares that are unprotected, but government and industry regulations require it to be private. Tizor says that companies may be unable to comply because they don't have the tools to find and classify private data, and such lack of visibility puts companies at risk for data theft, data breaches, and unapproved data access.

The Tizor Discovery Service uses Mantra data activity monitoring technology to automate discovery of data location and use. Data Activity Monitoring determines the usage patterns and risk profiles for all users and applications that access critical data. The service’s risk assessment report includes an overall risk rating; the findings are used by Tizor consultants working with client companies to develop remediation plans.

The service includes a report that identifies the location of sensitive information, who is accessing the data, and what activities are conducted by privileged users. It reveals suspicious user behavior, when failed transactions and high-risk activity occurs, and what steps are taken to address the risks.

According to a Forrester report, "Tizor's is one of the few products that have the ability to audit both relational databases and unstructured data residing on file servers and in mainframe applications. This broad support enables enterprises to implement a unified data auditing and protection solution across the enterprise."

"Many of the organizations that we speak with are forthcoming about the fact that they do not know where all their sensitive data is, nor do they have a baseline on how that data is being used," said Joel Rosen, president and CEO of Tizor, in a company statement. "Such information forms the foundation for meeting PCI and other regulations. If you don't know what you've got and what's happening with it, it's pretty near impossible to manage it."

More information is available at http://www.tizor.com/Services/Tizor-Discovery-Service.