Sensitive Data Discovery

Do you really know where your sensitive information is on your network?


It is impossible to protect sensitive data if you don’t know where it is.

Get a handle on all of your sensitive data

Most companies know where sensitive data is supposed to be. But in the complex world of IT environments data flows and resides in unexpected places. Most concerning is when sensitive data finds its way into unsecured files on desktops, laptops, servers used for other purposes.

Sensitive Data Discovery and Classification is a first step in incident response readiness planning, developing compliance strategies for PII and electronic discovery (litigation) readiness. It assists your organization in becoming both secure and compliant and helps you define the requirements for a data leak prevention strategy.

Our Methodology for Sensitive Data Discovery and Classification

Sword & Shield analyst provides you with data oriented visibility across the various database and file servers employed within your enterprise. Sword & Shield uses software tools and manual processes to assist you in obtaining tighter control over confidential data through the following processes.

  • Identify the sources of confidential data
  • Securely profile user specified data sets
  • Assign data categories and classification
  • Identify copies and subsets of confidential data in enterprise file and database servers
  • Mitigate risk

Our tools use a combination of data signatures, custom specified search terms, and a secure profile of your organization’s valued data to eliminate false positives and identify exports of your sensitive data to:

  • Office Documents
  • Enterprise and Personal Databases
  • E-mail

Contact Us

Get in touch with us to discuss how Sword & Shield can help you find and secure your company’s sensitive data.

Request Consultation

Customer Focus
Rapidly growing retailer attains PCI and HIPAA compliance

A rapidly-growing retailer with more than 600 storefronts that processes a large number of credit cards for payment of services rendered involving private health information must comply with both PCI DSS and HIPAA.

However, because much of their rapid growth was as a result of acquisitions, their IT department was limited in its understanding regarding where PCI and PHI data were located on the enterprise network.

Sword & Shield located the sensitive information, classified the data, reviewed and revised policies to contain the data while allowing employees to do their jobs. This was a first step toward being compliant with PCI and HIPAA. We were also able to use the information to assist the company in creating an incident response plan and a litigation readiness plan which will reduce the overall recovery expense should the company experience a breach or find themselves in litigation.

Find All of Your Company’s Sensitive Data

Request a Free Consultation for our Sensitive Data Discovery services.