MinerEye VisionGrid

We never have seen an organization that really wanted to do data classification – except, perhaps, the government. It is a tedious job that requires discovering and classifying hundreds of thousands – or more – of documents, determining their individual ownership and then assigning a classification. In a large, older company, the legacy documents easily can run to the millions. 

Once the legacy documents are under control, there needs to be a plan for classifying documents as they are created. Finally, data leakage protection needs to be in place to take advantage of the classifications. It's no wonder that many, if not most, organizations skip the classification and tell the data leakage prevention (DLP) device to block anything that has a credit card or Social Security number in it. It is equally understandable that many organizations never go through the exercise at all. Of course, if there are regulatory requirements to address, you must do something. Unfortunately, that often means taking the easy way out. VisionGrid changes all that in a very unique way. We begin with the old school approach for context.

The typical way to manage data leakage is to figure out what you don't want to leak. Historically, that has meant doing a couple of things. First, you decide what shouldn't leak – based on common sense and regulatory requirements – and then you figure out who owns those data and documents and tell them to stary classifying. Typical DLP cares more about user behavior – did the user put a list of SSNs on a thumb drive? – than it does about the data. Of course, it's the data that determine how we classify, but that is a static thing. If there is an SSN, we call the document sensitive or confidential. That part is easy.

Product VisionGrid 

Company MinerEye 

Price Starts at $65/user/year for 500 users. 

What it does Sensitive data discovery based on data behavioral profiling rather than user behavioral profiling. 

What we liked This is a completely new aproach to sensitive data discovery in the enterprise. 

The bottom line VisionGrid views data simply as data – bits and bytes – and profiles those data based on comparison with a known model of similar data.

But, what if you have a lot of free-form text lying around that talks about company secrets or protected health information (PHI) that isn't as cut and dried as a Social Security number? Do you have to read everything just to be sure? Of course you should, but nobody does and there is a lot of legacy data that should be classified but never is.That's where VisionGrid enters the picture – and almost immediately that picture gets clearer and stays that way.

Because VisionGrid doesn't care what the data are, it can classify pictures, words, multi-media files – in short, anything that is made of bytes. Once it has learned what a particular byte pattern looks like, it can pick out all documents or files that contain that same pattern. It does not matter how the file is oriented – a picture of a worker's face taken straight up for an ID card can be selected from a group picture that includes the worker and is identified, for example. And it does not care about how the bytes got where they ended up. It could be a piece of code (pretty much any language will do), a jpeg of a web page. It's the bytes that count – nothing more.

The first step is to group similar data – data that has something in common. Then, decide how to classify your exemplar data. Finally, scan it with MinerEye. Once that is done, VisionGrid can scan every file in the enterprise and those that contain the byte pattern go in the group. 

At this point, VisionGrid starts caring about file behavior. Confidential files are not supposed to be handled with organizational policies. But there are times that sensitive documents must be altered for legitimate purposes. The spreadsheet with the organization's financial summary on it is valuable. It's also very sensitive. That's pretty easy to grasp. 

But what happens when the controler plays “what-if” against next year's budget? That usually means fiddling around with the spreadsheet and saving a copy of the fiddled sheet as a work sheet for budget development. The copy is as sensitive – some would argue more sensitive – as the original. What happens if the controller forgets to classify the copy? With VisionGrid it doesn't matter. Once the tool has learned the byte pattern in a nonchangeable part of the document, it will do the rest.

Along with the necessary accoutrements for learning, classifying and identifying data, VisionGrid has a host of displays and built-in dashboards and logs. Overall, this really does set the bar for the next generation of data classification tools, all the better because it plays nice with other products, such as DLP tools.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.