Smartcrypt Data Discovery
Find, protect, and control sensitive data
As enterprise data volumes continue to increase, cloud services and mobile devices are fundamentally changing the way we store and access information. With each step we take into our new digital environment, we create new opportunities for sensitive information to fall into the wrong hands.
Traditional solutions like network and device security are all but obsolete when an organization’s network is the internet itself. A new approach to information security—based on data discovery, classification, and protection that applies to sensitive data itself—is the key to remaining secure and competitive in a rapidly-changing world.
Until now, however, data discovery technology has provided limited value to the companies that use it. Discovery products that simply generate lists of files containing sensitive data leave organizations searching for additional solutions that can actually protect the information.
Integrated discovery and protection
PKWARE’s Smartcrypt combines discovery and protection into a single workflow, making it easier than ever before to find and secure your organization's critical data. Whether sensitive information is stored on file servers or endpoint devices, Smartcrypt can identify and protect it as soon as it appears, ensuring that only authorized users will be able to access it.
Smartcrypt's integration with Boldon James Classifier allows organizations to add classification tags that indicate which files contain sensitive data and howthose files should be used. Classification can be handled automatically as part of the discovery and protection process, or end users can add tags manually to indicate that files require protection.
When discovery is integrated with classification and protection, each process becomes more effective and easier to manage. Discovery becomes more than a simple reporting function, and encryption can be automated, eliminating extra steps and the possibility of human error.
How it works
Smartcrypt uses a software agent to continuously monitor storage locations for sensitive information. Each time a file is added or modified, Smartcrypt initiates a scan based on the organization’s definition of sensitive data. If the data fits one of the defined patterns, the system can initiate classification via Boldon James Classifier, and apply encryption, masking, or other means of protection.
Data discovery can be configured to monitor network storage locations and employee devices like laptops and tablets. The discovery and remediation process is transparent to end users, while PKWARE’s Smartkey technology ensures that the organization maintains complete control over encryption activity.
Data discovery and encryption are handled by software agents installed on file servers, network-attached storage, and endpoint devices such as desktop and laptop computers. The same agent handles discovery and encryption, eliminating the need for multiple solutions.
After the Smartcrypt agent is installed, administrators can configure data discovery for all Smartcrypt instances or for selected users and storage locations.
Administrators use the Smartcrypt Manager console to define discovery and encryption policies for individual users, user groups, or locations.
Discovery policies define which forms of data should be identified as sensitive, while encryption policies govern which encryption keys are used to protect files containing sensitive data.
End User Experience
When discovery is integrated with encryption, the process is automatic from the end user's perspective. Any files containing sensitive data on a user device will be encrypted according to the organization's policy, without the need for user intervention.
Users who attempt to open an encrypted file in a network storage location will only be able to do so if they have been granted access to the key that was used to encrypt the file.