What enterprise tools can scan files for sensitive data?

Given the many recent high-profile data breaches, organizations seem keen on securing their sensitive data, including credit card and social security numbers. In this expert Q&A, SearchSecurity.com's Mike Chapple reviews tools that can scan text-based files for this critical information.

University of Notre Dame

Is there an enterprise tool available on the market to scan all the workstations on a network and find non-compliant files like mp3s and videos? I would also like to scan text-based files for sensitive data like credit card or social security numbers.

The first question is easy: There are quite a few tools out there that will let you inventory applications and files stored on enterprise workstations. Simply searching the Web for "workstation audit" will provide information about many suitable products.

The second half of your question is a bit more challenging. Searching systems for the presence of sensitive data...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

(such as credit card numbers or SSNs) is a hot topic these days. Given the recent spate of high-profile data security breaches, organizations are keen to secure known stores of sensitive information, as well as ferret out any dangerous unknown goldmines. There are open source security tools to assist with this task, like Spider from Cornell University. The downside to any of these tools is that they're bound to have a high false-positive rate, and the only solution is spending time analyzing log files.

More information:

Learn how the PCI standard affects the storage of sensitive information.

Find out more about acceptable use policies.

This was last published in December 2006

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

Related Resources

Dig Deeper on Data security breaches

Related Q&A from Mike Chapple

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.