Create a Data-Aware Culture
Discovery of sensitive data (PI, IP, PII, PHI, PCI, and others) is a critical first-step in the battle to keep sensitive data private, secure, and in compliance.
Quantum's data-centric approach to security focuses your investment around protecting the most critical data. Continuously discover data across every endpoint and cloud platform, use smart on-device inspection to classify it, and enforce policies for proper data handling.
The Quantum Data Security agent creates a mesh network and securely reports telemetry and metadata back to the Quantum platform for analysis. Best practice and customer-defined policies are pushed to each endpoint that enforce encryption, redaction, quarantine, and alerting actions defined by the policy – ensuring your data always has proper protection.
Uncovering data across all of your enterprise and cloud assets is an important first step in properly identifying security risks. Discover data on all endpoints (server and client) as well as in all major cloud services.
The Quantum Data Security agent will inspect the file systems on your Windows, Linux, and macOS endpoints.
Leverage out-of-the-box integration with common applications and search data stored in any database with an ODBC-compatible driver.
Analyse any file type (structured or unstructured), inspect thousands of different database types, and crawl a multitude of cloud services.
The Quantum Data Security agent can also be configured to scan data stored in cloud collaboration and storage platforms, such as G Suite, Microsoft 365, Exchange, and more.
Scan cloud data repositories like Amazon S3, Box, Dropbox and more. Additionally, scan other git-compatible source control repositories to ensure no sensitive data is embedded in the code of your applications.
Identify sensitive data within files using advanced pattern matching and inspection techniques. Use our robust out-of-the-box rule library or create custom rules from Regular Expressions patterns, metadata signatures, keyword array matching, multi-pass rules, and many more. Then classify each type of data to inherit remediation and alerting policies.
Create rules using Regular Expressions, keyword dictionaries, metadata signatures, and more.
Leverage built-in and custom functions to truly validate a match, thus limiting false positives.
Gate conditions and short-circuit complex logic to optimise CPU load on the scanning endpoint.
Assign custom classification tags and set define zones in which data of a given class is permitted to reside, the permitted staleness of data in a zone, and more.
Once data has been discovered and classified, you can configure one or more of the following actions: encryption, redaction, quarantine, or alerting.
Encrypt data in place using a zone-specific or single-use key. It can be decrypted for review and final disposition and kept protected by encryption until review.
For some types of data, it may be appropriate to simply redact the information from the file. This can also be used in conjunction with other rule actions.
Files can either have permissions set that prevent user access or can be securely relocated to a specified network location for further review.
For early-maturity rules, simply sending an alert for manual review is often the safest course of action. Again, this action can be used in conjunction with other actions and eventually replaced when the rule reaches maturity.
Basic plus:
Professional plus:
Our cybersecurity experts are ready to understand your needs and walk you through our strategy and approach. In addition, gain knowledge of your cybersecurity and risk posture with our free cyber health check.
Get a Demo Request a Free Cyber Health Check