Data Leak Assessment
Need A Corporate Data Leak Assessment? Call ComSec LLC at 800-615-0392 !
Are Your Sensitive Corporate Documents and/or Data Publicly Accessible?
Our Corporate Data Leak Assessment uses Open Source Intelligence (OSINT) techniques to identify sensitive corporate documents and/or data from company website(s) and/or network(s) that are publicly accessible. Whether the corporate documents and/or data were stolen, leaked or otherwise unintentionally became accessible or visible on the open Internet, the company is at risk simply because the information is publicly accessible.
Many companies are unaware that their sensitive company documents and/or data are publicly accessible until:
- A Data Leak Assessment is performed; or
- The company’s information and/or data is used to their detriment and the company must take action.
When Was the Last Time Your Company Performed a Data Leak Assessment?
What Exposures May Your Company Be Unaware Of?
A ComSec Data Leak Assessment will arm your company with valuable information to improve network security controls, and reduce corporate exposures.
Data Leak Assessment Process:
- You provide the company’s standard for documents and data deemed sensitive;
- We develop a list of keywords with your team’s input (e.g. confidential, for internal use only, limited distribution, e.g.);
- We create custom search engines and conduct tailored searches for your company information and data;
- Initial scans are conducted on the Internet, including the deep web and the dark web;
- We provide a report with the results for the initial scan; and
- Periodic or incremental scans can be provided to detect new exposures over time.
Data Leak Assessment Strategy:
The strategy of the OSINT Data Leak Assessment is to assess the type and amount of sensitive company information on the Internet that can be obtained for free by legal and ethical means. The client can then use this information to examine company network security controls, correct issues and take action to remove the discovered information from the Internet. And, by implementing periodic or incremental scans, the company can improve both their time to detection and responsiveness to these types of corporate cyber threats.