Part of the preparation to purchase any software requires some requirements analysis. What am I hoping to get from this? What benefits am I looking for? We go through RFIs, RFPs, POCs, and diligently map our requirements to the solution before making our decision.
But, once purchased and put into place, how do you measure the effectiveness of your investment?
The end goal of implementing a data classification solution is to help ensure that your sensitive data is secure and that both users and automated processes make the right sharing and handling decisions. The ability to monitor the usage of your classification solution (the trends in user behavior, the success of deployment, the machine health) is vital to ensuring you are getting the most out of your investment.
The reporting dashboards available in TITUS Classification Suite allow administrators to monitor and manage classification usage and take action should you identify risky trends. The reporting dashboard provides quick answers to the most frequently asked questions, while also allowing further investigation through dynamic filtering.
From the dashboard TITUS administrators will can quickly discover:
- What is the classification profile and distribution of my data? In addition to offering visibility into the sensitive data footprint, it may offer the opportunity to improve classification policies. For example, you might find that users are over-classifying files (you expect that ~25% of your files should be restricted, but you see the actual percentage is closer to 45%); given the additional security resources and policies around sensitive data, over classification may come with significant additional costs. You may choose to re-educate your user base on the various levels of sensitivity, choose to implement more automation, or change your classification policies. You could alternately address under classification in similar ways if you see that the footprint of a specific level of classification is much lower than expected.
- How many downgrades are my users performing? Monitoring downgrades offers insight into risky user behavior and alarming trends, allowing you to address problems with users themselves or by changing user’s privileges. However, it may also point to additional training requirements, or even identify potential issues with classification policies that need to be updated.
- Which warnings are being triggered by my users, and which events are being prevented by the system? The dashboard grants visibility into the alerts of interest, showing the most commonly encountered alerts, which are being prevented, and any trends which may require closer examination or monitoring. Monitoring these events provides insight into how your users are handling sensitive data, and whether they are doing so appropriately. In doing so, you may choose to change an alert from ‘warn’ to ‘prevent’ (or vice-versa), or provide additional training to the users regarding the security rules on the treatment of sensitive data. You may also choose to update warning messages and descriptions displayed to users to further educate them while they are actively handling data.
- Where is my data stored? Is my cloud data appropriately classified? Is there sensitive data in low security folders on the network? Knowing where your data is – whether on premise or in the cloud – is a vital first step in understanding your data footprint and ensuring that your data is secured based not just on its content, but also its location.
- Is TITUS classification running successfully across my organization/users, and what are the active versions running? Together, these provide insight into any machines that may be experiencing intermittent or consistent issues running the software, as well as machines that might not be running the correct version (for example, identifying which machines might not have properly received an upgrade). The ability to monitor and resolve these issues ensures that your investment in classification is utilized as expected across your organization.
The native reports provided within the TITUS Classification Suite provide insight into how your users are managing and sharing your most sensitive data while empowering your organization to foster and enforce a culture of security within your user groups.