Data compliance & data risk management (CISO)

Data compliance refers to the adherence to laws, regulations, standards, and policies governing data collection, storage, use, and dissemination. It ensures that an organization handles and protects sensitive information per established guidelines, including personal data privacy laws, industry-specific regulations, and company policies. Data compliance aims to protect sensitive information, ensure data security, maintain the privacy of individuals, and reduce the risk of legal consequences in case of data breaches or misuse of information.

Regular malware scanning is integral to a data security strategy and can help improve an organization’s overall security posture by identifying and mitigating potential security risks.

Our customers use the following options to defend their data in real time.

Quarantine infected files

A quarantine approach is a security technique that isolates potentially harmful data to prevent it from spreading and causing damage to users. To protect data using this approach, the following steps are needed:

  • Data scanning: All incoming data is scanned for potential threats in real time. All existing data is scanned regularly.
  • Isolation: Infected data is moved to a separate, isolated location, known as a quarantine bucket, where it can be further analyzed and dealt with.
  • Analysis: The isolated data is thoroughly analyzed to determine if it is malicious and how it can be neutralized or removed.

By using a quarantine approach, organizations can reduce the risk of malware infections and maintain the security and integrity of their data.

Setup

  1. Follow the Getting started guide (reporting part is optional).
  2. Install the Quarantine infected files Add-On.

Summary

| Pros | Cons |
| --- | --- |
| Thorough analysis and evaluation of the malware, leading to complete removal of the threat | Takes more time to complete |
| Ability to maintain a record of the malware for future reference or analysis | Requires staff trained to deal with infected files |
| Reduced risk of data loss caused by false positives | |

Delete infected files

Deleting infected files as soon as they are detected is a low-effort approach.

Setup

Follow the Getting started guide (reporting part is optional).

Summary

| Pros | Cons |
| --- | --- |
| Quick removal of the threat, reducing the risk of further spread and damage | Possibility of false positives, leading to deletion of benign data |
| Minimal analysis and remediation time | Lack of a thorough analysis of the malware |
| Eases the process of ensuring compliance with security policies and regulations | Risk of data loss if the malware is deeply integrated into the data |

Reporting only

Instead of removing the threat, you can also minimize the impact by only observing the data using the reporting capabilities of bucketAV.

Setup

  1. Follow the Getting started guide.
  2. Set the DeleteInfectedFiles configuration parameter to false.

Summary

| Pros | Cons |
| --- | --- |
| Minimal impact on the data lake, reducing the risk of data loss or false positives | Does not remove the malware, leaving the data lake at risk of further spread and damage |
| Ability to track and analyze malware trends and patterns | Does not provide a thorough analysis of the malware, which can limit the understanding of the threat |
| Low resource requirements for maintaining the approach | May not comply with security policies and regulations requiring the removal of malware from the data lake |
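
The three responses described on this page, shown as an added Python example (this is not bucketAV's code or the add-on's implementation). The function name, the mode names, the tag keys and the `<source bucket>/<key>` layout in the quarantine bucket are assumptions made for illustration; `s3` is a boto3 S3 client or any object offering the same methods.

```python
from urllib.parse import urlencode

class QuarantineError(Exception):
    """Raised when the quarantine copy cannot be confirmed; the original is kept."""

def respond_to_infected(s3, mode, bucket, key, quarantine_bucket=None, signature="unknown"):
    """Apply one response mode to an object a scanner flagged as infected.

    mode is "quarantine", "delete" or "report" (names chosen for this example).
    """
    result = {"mode": mode, "bucket": bucket, "key": key, "signature": signature}
    if mode == "report":
        # Reporting only: record the finding, leave the object where it is.
        return {**result, "action": "reported"}
    if mode == "delete":
        s3.delete_object(Bucket=bucket, Key=key)
        return {**result, "action": "deleted"}
    if mode != "quarantine":
        raise ValueError(f"unknown mode: {mode!r}")
    if not quarantine_bucket or quarantine_bucket == bucket:
        raise ValueError("quarantine needs a separate, isolated bucket")

    # Prefix with the source bucket so keys from different buckets cannot collide.
    dest_key = f"{bucket}/{key}"
    size = s3.head_object(Bucket=bucket, Key=key)["ContentLength"]
    s3.copy_object(
        Bucket=quarantine_bucket, Key=dest_key,
        CopySource={"Bucket": bucket, "Key": key},
        # Record why the object was isolated, for the later analysis step.
        Tagging=urlencode({"scan-result": "infected", "signature": signature}),
        TaggingDirective="REPLACE",
    )
    # Delete the original only after the copy is confirmed,
    # so a failed or partial copy never causes data loss.
    copied = s3.head_object(Bucket=quarantine_bucket, Key=dest_key)["ContentLength"]
    if copied != size:
        raise QuarantineError(f"copy of {key} is {copied} bytes, expected {size}")
    s3.delete_object(Bucket=bucket, Key=key)
    return {**result, "action": "quarantined", "quarantine_key": dest_key}
```
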
