Data Loss Risk Assessment

Our Assessment Methodology
We have designed 6 phase methodology to carry out the Data Loss Risk Assessment. The following diagram displays a visual view of our assessment methodology.

Phase I – Obtain Organisation or Regulatory Requirements
The first step in our methodology is to identify organization or regulatory requirements that increase the organization’s risk of non-compliance and exposure. Our search can help identify data for several well-known requirements including but not limited to various compliances. We have the capability to build custom search rule-sets. Both types of search rule-sets will be used in Phase 4.

Phase II – Obtain Policy Requirements
The second phase in our methodology is to obtain the organization’s policies. Our consultants will review the policies and build a “search” rule-set for use in phase 4.

Phase III – Obtain Classified Data List
The third phase in our methodology requires our consultants to work with your organi¬zation and obtain a list of specific classified data search items. Non-Public Data (financial, busi¬ness, HR, legal, and regulatory data), Personally Identifiable Information (credit card information, personal data) and Intellectual Property (patents, trademarks, design plans) are examples of custom search data rule-sets that can be created. This information will be used to generate a custom search rule-set for use in phase 4.

Phase IV – Configure and Execute Discovery Scans
Once phases 1, 2 and 3 have been completed, Benelec consultants can configure initial policy for Data-in-Motion and/or Data-at-Rest to identify company policy violations. The scanning and monitoring processes can take several days to several weeks. Once the information is col¬lected, the analysis phase can begin.

Phase V – Analyse Results
The Analyse Results phase is the process of reviewing “flag” information. This process is manual and is part of a decision process to filter out false positive items. Policy violations are recorded and packaged for future investigations. The results from this phase will serve as input for the next phase of “Report Generation.”

Phase VI – Generate Report
The final phase is Report Generation. Based on our Analyse Results phase, Benelec consultants will draft a findings report with all the identified policies violations.

Deliverables
The deliverables for this assessment include a report and presentation summarizing identified findings and recommended solutions. The Benelec Data Loss Risk Assessment identifies areas of Very High, High, Medium or Low risk of data across endpoint, network and storage systems by data type, based on your evaluation of potential severity and your actual frequency of data loss.
Benefits
  1. Prevent Data Leakage - Prevent accidental or malicious loss of data by insiders or hackers, even when data disguised.
  2. Facilitate Early Risk Detection and Mitigation – Conducting the Data Loss Risk Assessment will help identify data leakage and will help ensure information is in its proper place.
  3. Reduce Cost of Investigation and Reputation – The Data Loss Risk Assessment can help reduce costs in investigating data loss and it can reduce the expenses in rebuild losses due to reputation damage.
  4. Increase Comfort Level and Confidence with Senior Management – Implementing DLP controls will help assure senior management that proper security safeguards have been implemented, allowing them to concentrate on company’s core business.
Strategic Consulting

Quick Contact