Problem solve Get help with specific problems with your technologies, process and projects.

What enterprise tools can scan files for sensitive data?

Given the many recent high-profile data breaches, organizations seem keen on securing their sensitive data, including credit card and social security numbers. In this expert Q&A, SearchSecurity.com's Mike Chapple reviews tools that can scan text-based files for this critical information.

Is there an enterprise tool available on the market to scan all the workstations on a network and find non-compliant files like mp3s and videos? I would also like to scan text-based files for sensitive data like credit card or social security numbers.
The first question is easy: There are quite a few tools out there that will let you inventory applications and files stored on enterprise workstations. Simply searching the Web for "workstation audit" will provide information about many suitable products.

The second half of your question is a bit more challenging. Searching systems for the presence of sensitive data...

(such as credit card numbers or SSNs) is a hot topic these days. Given the recent spate of high-profile data security breaches, organizations are keen to secure known stores of sensitive information, as well as ferret out any dangerous unknown goldmines. There are open source security tools to assist with this task, like Spider from Cornell University. The downside to any of these tools is that they're bound to have a high false-positive rate, and the only solution is spending time analyzing log files.

More information:

  • Learn how the PCI standard affects the storage of sensitive information.
  • Find out more about acceptable use policies.
  • This was last published in December 2006

    Dig Deeper on Data security breaches