Data Discovery
Data discovery is a process that involves identifying, categorising, and understanding the data an organisation possesses.
With data discovery, organisations can quickly locate and protect sensitive information. This is particularly important for compliance with regulations such as GDPR, which requires organisations to safeguard personal data. Knowing where data is stored makes it easier to implement security measures such as access controls, encryption, and data loss prevention (DLP) solutions. Additionally, data discovery helps in conducting better risk assessments and understanding the potential consequences of a data breach.
If an organisation is unaware of the data it holds, it cannot adequately protect it, which poses a significant security risk. For this reason, data discovery is a critical component of an effective IT security strategy and risk management framework, regardless of an organisation's size.
Implementing Data Discovery
Identifying Data and Sources
The first step in a data discovery process is to map out where organisational data is stored and how it is used. This includes both structured data, such as databases and spreadsheets, and unstructured data, which may be stored in files, emails, cloud services, or even on employees’ devices.
The process requires a detailed review of the organisation’s entire IT environment and can be carried out using both manual methods and automated tools.
Employee interviews can also be a valuable approach to uncover hidden data sets that may not be documented. A thorough data discovery process can reveal overlooked or unexpected data, which may not have been previously considered important but could have a significant impact on security and compliance.
This insight is also essential for meeting compliance requirements, such as GDPR Article 30, which mandates maintaining a record of processing activities
Data Classification
Once data sources have been identified, they must be classified based on their sensitivity. This involves identifying data that falls under regulatory requirements, such as personal data, or information that is critical to business operations. Classification helps determine the appropriate security measures for each data type and ensures that the most sensitive information receives enhanced protection.
Data Discovery and Metadata
An essential part of data discovery is understanding data movement and relationships. This is achieved through metadata analysis, which provides insights into data origin, ownership, update history, and usage. By understanding how data flows through your systems, security vulnerabilities can be identified and addressed more effectively.
When data relationships are visualised, organisations can better understand how data is used and where it may be vulnerable to potential attacks or misuse.
Methods of Data Discovery
There are different approaches to data discovery, depending on the organisation's size and needs. Smaller organisations can often rely on manual analyses, where the IT department reviews and maps out data manually.
Larger and more complex organisations typically require automated tools that can scan large volumes of data quickly and efficiently. Often, automation is combined with manual validation processes to ensure the accuracy of results and to interpret data within the context of business activities
Technical and Practical Aspects
Successful data discovery requires both technical expertise and business insight. IT specialists play a crucial role in configuring and analysing systems, while business leaders provide context on the value and use of data.
Modern compliance software simplifies the process by automating data scans and generating reports, enabling both IT and business stakeholders to make informed decisions based on accurate data insights.
An Ongoing Process
It is important to understand that data discovery is not a one-time task. Data is constantly moving and evolving as new information is created, shared, and deleted. Regular updates and audits are therefore essential to ensure that an organisation maintains full visibility over its data and can respond quickly to emerging risks.
Threat Scenarios
Data discovery helps reduce the risk of various security threats.
|
Threat Scenario
|
Mitigation Measure
|
|
Data Breach
|
Data discovery identifies and marks sensitive data and its location, allowing security efforts to be focused where they are needed most.
|
|
Unauthorised Access
|
Provides an overview of data and access rights, enabling organisations to detect and close security gaps quickly.
|
|
Data Loss
|
Helps locate critical data so that the organisation can prioritise backup and contingency planning.
|
|
Non-compliance with Regulations
|
Identifies data subject to legislation such as GDPR and ensures compliance requirements are met.
|
|
Unintentional Data Sharing
|
Provides insights into data flows and identifies areas where unauthorised sharing may occur, allowing preventative action to be taken.
|
|
Insider Threats
|
Enables the identification of privileged users and their access to data, helping to mitigate potential risks.
|
|
Ransomware
|
Helps locate critical data, ensuring it can be prioritised for recovery following an attack.
|
Risk Reduction
By identifying and classifying their data, organisations can conduct more accurate risk assessments and proactively implement targeted security measures where they will have the greatest impact. This contributes to an effective reduction in the risk of data breaches.
If your risk assessment identifies unintentional data sharing as a potential risk, data discovery can help locate files containing sensitive information and ensure that access and sharing controls are properly enforced.
Data discovery can be used to map data across various information assets, such as servers, databases, cloud storage, local files, emails, IoT devices, and more.
Business processes like customer management, accounting, production, research, and development are heavily dependent on data. Data discovery supports these processes by ensuring that data is handled correctly
Implementation
Implementation Costs
Implementing data discovery requires both time and resources. Costs will vary depending on the organisation’s size, complexity, and the tools and methods chosen for the process.
To conduct data discovery, a team combining technical expertise with business insight should be assembled. In some cases, specialised software and external consultants may also be necessary.
Practical Steps in Implementation
The process should begin with the development of a clear plan, defining the scope and identifying the relevant tools. Stakeholders from all relevant departments should be involved in the planning phase.
Implementation may include both automated data scans and manual review of results to ensure accuracy and contextual understanding.
Since data is constantly changing, with new information being created and deleted regularly, ongoing updates and audits of the data discovery process are essential.
Automation vs. Manual Processes
Automation plays a key role in efficient data discovery, particularly for larger organisations handling vast amounts of data.
Modern tools can quickly scan and identify sensitive information, saving time and reducing errors. However, manual validation may still be necessary to ensure that results are properly understood in the context of the organisation’s activities.
Smaller organisations with fewer data sources may be able to rely on manual methods, but for most businesses, automated tools are critical for ensuring a scalable and efficient data discovery process.
Challenges
Although data discovery is a crucial process, organisations may encounter challenges during implementation. Below are some of the most common challenges and their potential solutions.
|
Challenge
|
Solution
|
|
Data spread across multiple systems
|
Automated scanning tools can integrate data from various sources, providing a comprehensive overview.
|
|
Poor data quality
|
Implement processes to improve data quality, such as validation and standardisation of data.
|
|
Complexity of data
|
Use specialised consultants or tools designed to manage complex data structures.
|
|
Employee resistance
|
Educate employees on the importance of data discovery and how it benefits the organisation.
|
|
Lack of resources
|
Prioritise the most critical data and implement data discovery in phases.
|
Data Discovery Software
When it comes to data discovery, software solutions play a central role in efficiently identifying, classifying, and analysing data. There are many providers on the market offering tools designed for both small and large organisations. The choice of the right software often depends on business needs, data complexity, and budget.
Microsoft Purview is a data governance and compliance solution that also includes data discovery features. It is particularly well-suited for organisations already using Microsoft’s ecosystem, as it seamlessly integrates with Azure, Microsoft 365, and other Microsoft services.
Varonis is another provider of data discovery and data governance solutions. Its software focuses on mapping and securing sensitive data, especially across unstructured data sources such as files, folders, and emails.
Related Measures
Data discovery can be used in conjunction with various other security measures, including:
-
Access Control – Managing who has access to data.
-
Role-Based Data Access – Ensuring that only relevant employees can access sensitive information.
-
Encryption – Protecting data from unauthorised access.
-
Data Loss Prevention (DLP) – Preventing accidental data sharing or loss.
-
Risk Assessment – Providing insights into the threats an organisation faces.
To be effective, data discovery should be part of the organisation’s overall IT security policy and managed within an Information Security Management System (ISMS).
.jpg)
.jpeg)
.jpg)
.jpg)
.jpg)
-1.png)
.jpeg)
.jpg)
