As more companies begin using Google Drive (Docs) as their primary cloud file server, they need the ability to identify and protect Personally Identifiable Information (PII) stored and shared in Google Docs, and govern the 3rd party applications with access to this data.
Personally Identifiable Information (PII) is information that can be used to uniquely identify, contact, or locate a single individual. A few examples:
- Credit card numbers
- Social Security numbers
- Phone numbers, addresses, and other sensitive data
The importance of protecting PII is a not just a “common sense” best practice. Keeping PII secure is also dictated by many regulations and privacy laws including:
PCI DSS – The Payment Card Industry Standards Security Council requires organizations that handle payment cards to comply with security standards and protect the private information of bank card holders during any transaction. This regulation requires that organizations secure all information related to cardholders regardless of the location of the data.
FISMA – The Federal Information Security Management Act requires government agencies to develop information security practices to protect sensitive and private information that support the operations and assets of each agency.
FERPA – The Family Educational Rights and Privacy Act is a federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.
Many other regulations such as SOX and CIPA also require organizations to identify, classify and secure sensitive information to be able to comply with these and many other regulations as well as internal governance and Acceptable Use Policies (AUPs).
All of the above-mentioned regulations clearly indicate that they apply to all data that organizations create, store, and process regardless of media and the location of the data. As more and more information is stored in the cloud, organizations are now required to extend their security practices to data stored in the cloud, and the 3rd party applications that can access this data.
CloudLock Compliance Scan is the industry-first pattern matching engine that identifies, classifies, and secures very sensitive information including Personally Identifiable Information (PII) like Social Security Numbers, PCI data like Credit Card Numbers, and any custom regular expressions, allowing Google Apps customers to address auditing and compliance requirements in Google Drive (Docs).
Google Apps provides an opportunity for enterprises to transform the way they deliver IT. The platform extensibility and rich ecosystem of 3rd party applications allow employees to work the way they live. Enterprises can accelerate and multiply the ROI of Google Apps by allowing their employees to adopt the web and mobile apps that make them most productive.
CloudLock Apps Firewall gives IT the peace of mind that employees can use the apps they want securely, establishing safeguards around apps that access accounts and data. CloudLock Apps Firewall discovers all web and mobile apps authorized by all users, provides the ability to classify them based on risk profile and Community Trust Rating, increases employee awareness with email alerts, and allows IT to revoke apps in bulk.
For a step-by-step guide on protecting data in Google Drive, see “How To Secure Data in Google Drive.”