Where does your most sensitive data reside? Learn how to find out here

Improved management and protection of data under The General Data Protection Regulation (GDPR) directive naturally emphasizes the requirement for companies to know exactly where their data is held. Under GDPR, a blinkered approach as to where data inhabits will no longer satisfy the European Commission.

Cybersecurity-based analysis evidence that most of an organization’s sensitive business data exist within:

  • Your own devices such as desktops and laptops
  • In-house data-banks, computers, and USBs
  • Shared drives and corporate file servers

Without even trying, organizations are amassing data, with the consequent requirement for its storage. Sensitive data includes anything that is created, scanned, printed and stored, and incorporates USB sticks, drives, back-ups, and the contents of filing cabinets!

Follow our helpful step-by-step guide to finding out where your company’s Personally Identifiable Information (PII), Intellectual Property (IP), and Corporate Financial Data (CFD) are stored, including who to ask and where to find them:

  • Locate data owners internally within your organization by talking to departments such as IT, HR, Accounts, and Order Fulfilment.
  • Consider third-party services such as Pension and Insurance Providers.
  • Understand if the data owners are data controllers only, or if they additionally process the information.
  • Enquire as to what data is held, where it is stored, and how often it is accessed.
  • Seek to understand who has access to it and who has authority to send data outside of your company.
  • Establish whether your business entertains ‘Automatic Processing.’

Once you have located your data, what measures should you be taking to keep it safe?

  • Appropriately classify the data. Classifying will support you in maintaining appropriate control.
  • Impose a Principle of Least Privilege (PoLP) for access to the data.
  • Audit and track data use through advanced Data Loss Prevention (DLP) Solutions
  • Check that you have suitable protection surrounding any ‘Auto Processing.’
  • Ensure that you understand your data life-cycle and the significance of the ‘human-dimension’ within security.

With these crucial internal processes and subsequent measures in place, introducing a sophisticated solution to Data Loss Prevention (DLP) will further alleviate your security concerns, protecting you, your people, your environment, and the data within it. Businesses are unique, and so your DLP solution should be built to support your personal business requirements.
Comodo Cybersecurity proposes a Cybersecurity solution that protects consumer information, IP, and subsequent proprietary data. Our DLP assists you in the safeguarding of data whether it is moving, active, or at rest and can be tailored for SMEs, devoid of any IT footprint or security staff.
We feature a cloud-delivered on-prem DLP that will protect your organization against theft and accidental leakage, assisting you in adhering to GDPR and other pertinent directives, reinforcing consumer trust through competent operations.


Considering complementary security controls? Comodo Cybersecurity can support you with this.

We will work with you to understand your security-based vulnerabilities and help you to solve the business-critical challenges that you face.


Differentiated by our unique approach. It’s what makes us successful.

For additional information on Comodo Cybersecurity visit www.comodo.com


Leave a comment Your email address will not be published.