Magazine Button
Digital Shadows launches sensitive document alerts with added context

Digital Shadows launches sensitive document alerts with added context

Enterprise SecurityTelecomTop Stories

Digital Shadows, a leader in digital risk protection, has launched new capabilities to alert its customers to potential document exposure. Misconfigured file stores containing companies’ sensitive documents are highly sought after by cybercriminals, due to the high value of the material they contain. Some examples found by Digital Shadows include payroll data, company tax documents and proprietary product designs.

Sensitive documents are typically password-protected, are encrypted or can only be opened by the intended recipient with log-in credentials. While these controls can be effective, sensitive documents are frequently compromised in transfer or back-up processes and then are widely traded by cybercriminals.

Digital Shadows SearchLight already detects exposure of a protectively marked document (i.e. a document that says ‘private and confidential’ or another identifier). From December 1, two new alert types will be added for exposed technical documents (including security assessments and product designs) and exposed commercial documents (such as legal and payroll data). These documents do not need to have protective markings to be identified and associated with their organisations

Additionally, the new alerts contain context on the documents’ contents, providing clients with greater insight as to the severity of the alert. If a technical document is leaked, for example, the alert will note that it is a product-related document and assign it a high risk-prioritisation score. Further context will also include when the document was last seen – and whether it is still online. Lastly, clients will receive domain information and file metadata, which can help to understand the original author and creation date of the misconfigured file store.

Russell Bentley at Digital Shadows explained: “Every day more product designs, security assessments and payroll data are exposed online – and organisations have no idea. We give them new visibility into this problem and provide the best ways to mitigate the risks.”

The new capabilities discover ten document categories. Seven pertain to ‘exposed commercial documents’ and include alerts and insights for exposed financial, legal, personnel and project information. For technical documents, there are three categories for infrastructure, products and security. These new alert types benefit from SearchLight’s existing document discovery and analysis technology such as the ability to discover documents that sit within an archive file (such as a .zip).

Click below to share this article

Browse our latest issue

Intelligent CISO

View Magazine Archive