Data Sheet Informatica Secure@Source Identify, Analyze, Detect, and Monitor Sensitive Data Risks Sensitive data is the foundation of your organization’s intellectual property, revenue stream, and competitive advantage. That makes it imperative to protect your data from all types of internal and external threats, from disgruntled or careless employees to cybercriminals motivated by money or malice. Benefits • Continuously monitor and track sensitive data risks based on multiple risk factors • Identify top risk areas and prioritize data security protection more effectively • Uncover previously unknown and undocumented risks • Proactively detect high-risk conditions and anomalous user activities around sensitive data • Support audit and compliance with standardized risk scoring to easily track the effectiveness of data security measures over time Cyber attacks and breaches will continue to escalate in the foreseeable future. Customers, investors, and regulators all demand that organizations understand their risks and implement strict policies and security controls for sensitive, private, and critical data. Most organizations, however, do not have enough insights into their sensitive data risks—or even the location, proliferation, usage, and access control of all their critical data assets. Visibility into Sensitive Data Risks Informatica Secure@Source provides insights into sensitive data risks by automating the process of collecting all the information around sensitive data, analyzing, monitoring, and providing a 360-degree view of sensitive data risk. This enables security and IT teams to rapidly apply the right policies and controls to the most critical data. It replaces costly, time-consuming manual efforts with automated discovery, identification, detection, scoring, and analysis of sensitive data risks. Many organizations believe that finding where sensitive data resides within the enterprise is all they need in order to manage its risk. But many other factors contribute to the level of risks: 1.The existence of a combination of sensitive data elements can represent a higher risk 2.Not all sensitive elements represent the same risk 3.The volume and protection status of sensitive data impact risk 4.The more users who have access to the sensitive data, the higher the risk 5.Increased activity, access to larger volumes of sensitive data, and anomalous patterns of activities all increases risk Secure@Source addresses this challenge by analyzing data risk based on multiple factors and taking into account the level of sensitivity, volume, context, protection status, proliferation, cost, location, users who have access, and level and type of activity. Organizations can interactively analyze the top data stores, departments, and location with the highest risks as well as visually trace the sources of unprotected sensitive data and the replication of sensitive data across data stores in the organization. By continuously monitoring, tracking, and trending standardized risk scores for each data store, in each department, and across the enterprise, organizations can measure progress for each group as well as in aggregate over time. Data Security Intelligence to Detect Anomalies and Prioritize Remediation Secure@Source delivers data security intelligence by collecting user activity logs from data stores across the enterprise in real time. By correlating this information with user access, data sensitivity, protection status, and proliferation information, Secure@Source enables organizations to detect abnormal user activities and potential threats from insiders or outsiders with stolen credentials. This correlated analysis further pinpoints the highest priority investments for data security and privacy initiatives. Key Features Sensitive Data Risk Analytics The level of sensitive data risk is determined by analyzing multiple factors including protection status, user access, activity, location, data cost, classification, and proliferation. Organizations can weight each factor according to their own risk-measurement requirements. This analysis produces risk scores that pinpoint the highest risk areas to prioritize remediation activities. Organizations can measure the effectiveness of security investments by tracking how risk scores trend over time. Risk analytics is presented in a highly graphical, visual format that enables quick identification of areas requiring attention. Data Classification and Discovery Secure@Source enables the discovery and classification of sensitive data based on data and metadata patterns and rules. From prebuilt and customizable definitions, organizations define data domains and policies to identify and locate sensitive data including PII, PCI, PHI, and other confidential information. Secure@Source automates the discovery of sensitive data across large numbers of databases, big data repositories, and cloud data stores. It uses flexible, high-performance, scalable scanning to uncover sensitive data and show results quickly and clearly. Data Proliferation Analysis It’s critical to understand not only where sensitive data resides, but also where it’s moving and being replicated to other data stores within the organization and to cloud applications. Organizations may also want to monitor sensitive data flowing in and out of highly regulated countries or between partner and client organizations. Secure@Source analyzes data proliferation from Informatica data flows and provides an aggregated and visual map of sensitive data proliferation, identifying sensitive data that has the greatest proliferation. Secure@Source provides 360-degree visibility of sensitive data through its dashboard (left) and discovers sensitive data from cloud applications, big data repositories, and on-premise databases (right). Collect and Correlate User Access and Activity Correlating information about user access control as well as activity against sensitive data provides a much richer dimension that enables detection of abnormal activities and insider and outsider threats. Secure@Source imports user and user group information from LDAP and IAM systems. It also collects activity logs in CEF, LEEF, and JSON formats across databases, mainframe systems, big data repositories, and SaaS applications to enable detection of high-risk activities. Alerts of High-Risk Conditions Information security teams can define alert rules to notify them when high risk conditions are detected, such as a when a high volume of sensitive data is leaving a highly regulated country. Visual Analytics, Reporting, and Dashboards Secure@Source has a rich array of dashboards that clearly present the state of sensitive data risk to decision makers and stakeholders. The highly interactive and visual interface also lets practitioners drill down and perform detailed analyses of sensitive data risk. Information can be sorted to reveal trouble areas by classification policy, location, region, department, data store, or line of business. These reports let security practitioners and decision makers share a common platform for tactical and strategic analysis and decision making. Security and IT Infrastructure Integration Secure@Source enables you to leverage your existing IT and security assets by incorporating information already captured and stored by other data security solutions, delivering a much richer analysis. The User Activity Summary allows you to analyze user access to sensitive data and detect unusual activities or behavior. Key Benefits About Informatica Prioritize Security Investments Informatica is a leading independent software provider focused on delivering transformative innovation for the future of all things data. Organizations around the world rely on Informatica to realize their information potential and drive top business imperatives. More than 5,800 enterprises depend on Informatica to fully leverage their information assets residing onpremise, in the Cloud and on the internet, including social networks. Organizations can prioritize and maximize their security investments by understanding the highest areas of sensitive data risks, measuring risks over time, and aligning their data security investments, policies, processes, and actions accordingly. Eliminate Costly, Error-Prone Manual Efforts Manually classifying, surveying, and reporting on sensitive data assets is costly, laborious, and error-prone. Automating these tasks lets organizations allocate resources to corrective actions and create more precise, repeatable results that improve ROI on security investments. Streamline Sensitive Data Audit and Governance Secure@Source automates the analysis of critical data assets to support on-demand and trend reports of sensitive data risks and user activity, for data privacy, security auditing, and governance programs. Visibility to Sensitive Data Proliferation Tracking sensitive data proliferation lets organizations better comply with privacy laws and data usage policies. With Secure@ Source, organizations know where their private and sensitive data is proliferating—both inside and outside the enterprise, between partner and client organizations Worldwide Headquarters, 2100 Seaport Blvd, Redwood City, CA 94063, USA Phone: 650.385.5000 Fax: 650.385.5500 Toll-free in the US: 1.800.653.3871 informatica.com linkedin.com/company/informatica twitter.com/Informatica © 2016 Informatica LLC. All rights reserved. Informatica® and Put potential to work™ are trademarks or registered trademarks of Informatica in the United States and in jurisdictions throughout the world. All other company and product names may be trade names or trademarks. IN17_0415_2878_0116