Finding sensitive data with freeware


When an organization’s network grows to a certain size, its difficult to keep track of every single piece of sensitive information like credit card numbers or social security numbers. In order to find and secure this data, companies often turn to data loss prevention (DLP) services. This is not a viable option for many organizations, though, as DLP services can often be expensive and time-consuming to deploy.

Such organizations are not entirely without options: a recent article on Dark Reading lists several DLP tools authored by teams from various universities, all free to download and use. Programs like The University of Texas at Austin’s Sensitive Number Finder and Virginia Tech’s Find_SSN were designed to find pieces of data on computers and servers formatted in ways typical to sensitive information (xxx-xx-xxxx for SSNs, for example). This approach can often lead to false positives, so some measure of human control is required. They are also incapable of scanning application servers or other forms of data in transit. Cornell’s Spider can scan various application server types using different protocols. When used in conjunction, all of these apps can help secure your data without the expense of outsourcing the job.

Comments

  1. ^(?!000)([0-6]\d{2}|7([0-6]\d|7[012]))([ -]?)(?!00)\d\d\3(?!0000)\d{4}$

    My google-fu is mighty, here is a RegEx library website:

    http://regexlib.com/

    grep is still freely available, right?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 94,628 other followers