Find and monitor sensitive data in OneDrive and SharePoint
Enable cloud-based collaboration without jeopardizing data security and compliance
Microsoft 365, OneDrive, and SharePoint can become a mess
of unprotected sensitive data and tangled permissions. As a result, trade secrets, financial information, or customer PII can hide among thousands of documents, which then can be shared easily internally or externally.
Dig offers you transparency into which sensitive data is stored where, how it is labeled, and who can access it – so you can move more mission-critical processes to the cloud with confidence.
Discover sensitive data across unlimited One Drive accounts and SharePoint sites
Is there a CSV with customer emails addresses in that Marketing folder? Is there a code snippet with an API key in that SharePoint site? We’ll help you find out.
See who has access to what data and manage active links
Data in Microsoft 365 is meant to be shared, but security teams also need visibility and control over it. Dig shows you exactly who can access records that impact your compliance or security posture.
Find mislabeled files and improve your labeling conventions
Dig integrates with Microsoft 365 labeling and Azure Information Protection (AIP) to audit your organizational classification scheme, identify cases where files are labeled incorrectly, and suggest ways to improve labeling.
Security Scenarios
Understand how Dig defuses common data security risks in Microsoft 365.
A CSV file is mislabeled “restricted” despite containing trade secrets, leading to excessive permissions
Risk
Sensitive data leakage, compliance violations
Dig Solution
Alerts security teams to the mislabeled file, and suggests labeling the file “confidential” to restrict access
A salesperson uploads a spreadsheet with confidential customer data into a shared folder
Risk
Overly-permissive access to customer data, data breaches, GDPR/CCPA violations
Dig Solution
Alerts security teams, checks for residency and other compliance violations, and continuously monitors access
A database API key is uploaded to a SharePoint site used by developers
Risk
Data exfiltration, credential theft
Dig Solution
Alerts security teams, and continuously monitors access to the SharePoint site
Security Scenarios Dig Solves for Customers
Understand how Dig defuses common data security risks
Shadow backups on S3
Security Risk
A database containing PII has been replicated to an unencrypted S3 bucket, which isn’t managed by the central engineering organization
Dig Security Solution
Dig automatically discovers the S3 bucket containing the shadow backup; classifies any sensitive data contained in the backup; determines the risk level (compliance violation); and alerts the security team.
Sensitive data on unmanaged data store
Security Risk
To test a new use case, a developer has spun up an EC2 machine, installed a PostgreSQL database on it, and loaded customer data into the database.
Dig Security Solution
Dig identifies any virtual machine that has a database installed on it; scans and classifies the data within the PostgreSQL instance; and alerts the security team that sensitive data is being stored in an unmanaged database.
Data exfiltration
Security Risk
An orphaned snapshot of an unused database,
which has not been accessed for a long time, is now being shared with an unfamiliar account.
Dig Security Solution
Dig identifies the breach in real time and alerts security teams, which can take steps to contain the attacker and prevent further data loss.
How it Works
Dig Protects Your Data Everywhere
Microsoft 365 is just one piece of the puzzle.
Dig Security on AWS
Dig Security on Azure
Dig Security on GCP
Dig Security on Snowflake
Dig Security on FileShare
Make data security an integral component of your cloud strategy
Schedule today a call with an expert. We’ll help you understand the current threat landscape, and discuss ways to reduce the risk of a data breach.
Let’s Talk