For a 1-year subscription on a single PC. Pricing is on a per-machine basis. By Fahmida Y. Rashid If thieves get their hands on your laptop, will they discover a gold mine of personal information or a barren workspace? Data Recon Standard Edition from GroundLabs ($179 per machine per year) is a lightweight scanning tool that looks for files containing credit card numbers and other potentially sensitive information stored on your computer. The software then helps you either move the data elsewhere or delete the files permanently. Considering that a significant percent of data breaches and exposures occur when an unauthorized user stumbles upon forgotten files on a laptop or file server, small businesses should definitely track down these potential landmines before an incident, and Data Recon is a good way to start.
Data Recon goes a little further than PANscan, another lightweight scanning tool that looks for sensitive pieces of information. Data Recon can handle a broader variety of data types. It is not, however, as robust as Editors' Choice Identity Finder's Data Discover, but it does share many of the award-winner's scanning and remediation capabilities.
There are enough differences between Data Recon Standard Edition ($179) and Advanced Edition ($399) that they need to be considered separately. This review focuses on Data Recon Standard Edition for one Windows target (which I explain below). Standard Edition allows scanning on Windows workstations and servers, and Linux machines. I get that Macs are a whole different beast, but with more people carrying sensitive data on their pricey Macbooks than ever, I wish Data Recon (and the marketplace in general) would stop ignoring this user segment.
Data Recon Standard Edition can search through text files, multiple encoding types, office documents, compressed (zip) files, local database files, emails stored in client software such as Outlook, and a few other formats. If you want to scan, say, webmail or email servers, you need the Advanced Edition. Once sensitive data is found, Standard Edition allows you to mask data elements such as credit card numbers, quarantine the file in a secure location, or permanently delete the file. I like the fact that all the remediation features are the same, no matter which edition you choose.
Getting Started With the Software
Pricing varies by the number of systems the software will scan, and this could get expensive very quickly, especially for smaller businesses. The base Data Recon Standard Edition price of $179 provides a 1-year license to scan one target system. The license is tied to that target's MAC address or hostname. If you buy a new computer midway through the year, you need a new license. If you want to scan a laptop and a Windows file share where employees keep their data, that counts as two targets. You can't fool the software by mapping the file share as a drive on the computer, either.
To scan multiple systems, Data Recon offers licenses for 3, 10, 25, 50, 100, 175, and 250 targets. Cost per target drops progressively, so a 3-target license comes out to $119 per target, or $357 for the year; a 10-target license becomes $109 per target, or $1,090 a year; and so on, up to a 250-target license for $59 a target, or $14,750 a year. This is an important service, but it's definitely not cheap. You need to think carefully about where you need to run this software and plan out how many targets you will need. If you aren't sure whether you need the Standard or Advanced version, you can request a free trial license from the website.
The GroundLabs customer support portal lists links for a 32-bit or 64-bit version of Data Recon, and you can decide whether you want to work in a command line or a graphical user interface. I stuck with the GUI and popped in the hostname to generate the correct license. The entire software is a single executable—nothing to unpack or install—and you can see all the licenses associated with your account listed in one place. I love how lightweight the whole thing is.
Scanning Rules, Options
When you run the Windows executable, it opens up a simple window with six icons for data types, and six search settings. Clicking on each icon or option opens a modal window with various options. You make your selections, hit the Search bar at the bottom, and just wait for the scan to finish. Depending on your settings and the number of files selected, your scan can take anywhere from 30 minutes to several hours.
Under Card Holder Data, you can define credit card types (Mastercard, American Express, and so on) and issuing country. Under Bank Account Data, you customize the search with tax file numbers, bank account numbers, and the bank routing numbers. National ID contains options for searching for U.S. Social Security numbers, Canadian Social Insurance numbers, United Kingdom National Identity numbers, and other similar numbers from other countries.
Personal Detail is perhaps the most useful section. Here you select mailing address, telephone number, email address, driver's license number, date of birth, login credentials, and passport number. There is also a section to identify health plan information, such as the health insurance claim number and plan identifier.
The final icon opens up a rules engine to define custom data types, which means you can specify a specific string or phrase that you want to search on (for example, "confidential" if you want to make sure you don't have files marked confidential on your laptop). If you want to search for a specific Social Security number (as opposed to any nine-digit number), or an actual address, you can specify that under the custom data type section.
Next: Data Recon Reporting and Remediation
No comments:
Post a Comment