SharePoint cannot provide a comprehensive solution for the identification of Personally Identifiable Information (PII), Personal Healthcare Information (PHI), ITAR, For Official use Only (FOUO) or other types of organizationally defined sensitive information, making them ideal candidates for security exposures and available to unauthorized internal or external users during the search process. Information protection and security are becoming higher priorities in most organizations.
Regardless of industry, sensitive information exists in many forms within an organization. The most serious is PII and PHI, but may also include content about new product development, Board of Directors reports, mergers and acquisitions, or any confidential information that the organization would like to protect from unauthorized viewing or use. In all cases, the organization faces increased risk, potential financial liabilities, and loss of brand. According to analysts, email is no longer the number one source used in eDiscovery requests but the new forms of social networking tools are rapidly creeping up the list.
Although detection of patterns are provided as features of most security applications, often it is the verbiage and additional descriptors that are unique to the organization that are typically not caught in preventing data breaches. How are you handling?