Best Practices Document
Contents
- 1 Introduction to Getvisibility Synergy Pro
- 1.1 Overview
- 1.2 Data Classification Overview
- 1.3 Data Classification Value
- 1.4 Getvisibility Products
- 1.5 Getvisibility Synergy Pro & Synergy
- 1.6 Data Classification Typical Levels
- 1.7 Data Access and Control
- 1.8 Data Storage Example of a Guide
- 1.9 Data Backup
- 1.10 Data Retention
- 1.11 Audit Controls
- 1.12 Sample flowchart for determining Data Classification
- 1.13 Best Practices for Configuration Wizard
Introduction to Getvisibility Synergy Pro
Overview
With state-of-the-art machine learning algorithms, Getvisibility combines natural language processing with neural networks. This allows us to classify unstructured data across organisations with unparalleled accuracy and speed.
Using machine learning rather than traditional pattern matching (regular expressions) and dictionary lookups allows Getvisibility to understand the context of a document, which increases accuracy. Because the neural network does most of the work, organisations no longer have to embark on the laborious and expensive task of writing rules and regex patterns per department and document type. Getvisibility’s customisable tag set lets users apply company-specific classifications to their unstructured data, which the neural network learns with increasing accuracy over time. The neural network is trained through the user interface, so the highly qualified engineers and data scientists required by traditional methods are not needed.
The Getvisibility classification tool is built on machine learning algorithms that enable organisations to discover, classify and secure their most sensitive data. The platform combines smart agent technology and machine learning to provide a single solution for data classification and tagging. It is the first solution to support automated, historical and manual classification from one deployment. Combining the three is not only convenient: it also markedly improves the quality of manual classification, because the manual process is informed by the AI model and its understanding of historically created data.
Data Classification Overview
Data classification is a foundational step in cybersecurity threat management. It entails identifying what information is being processed and stored in the various data systems, deciding how sensitive that information is, and estimating the likely impact should it be compromised, lost or abused. To manage threats successfully, organisations should categorise data by working backwards from the context in which their information is used. They must also build a categorisation scheme that takes into account whether a given use case has a significant impact on the company's operations, for example whether the information must remain confidential, must keep its integrity, and/or must remain available.
Data Classification Value
Data classification has been used for decades to help businesses decide how much protection sensitive or critical data needs. Whether the information is stored or processed on-premises or in the cloud, data classification is the starting point for determining the right level of controls for the confidentiality, integrity and availability of information, based on the risk to your business. Data classification lets organisations assess data by sensitivity and business impact, which in turn helps the organisation evaluate the risks attached to each kind of information. Each classification level should map to a recommended baseline set of security controls that protect against the vulnerabilities, threats and risks associated with that level of protection.
It is essential to be aware of the dangers of over-classifying data. Organisations sometimes misclassify large sets of information wholesale by assigning them the highest classification level. Over-classification incurs unnecessary cost by applying too many expensive security controls, and it can disrupt business operations. It can also draw attention toward less critical datasets and restrict legitimate business use of data through compliance demands that were never actually required.
Getvisibility Products
Getvisibility Synergy Pro & Synergy
Getvisibility Synergy Pro and Synergy are designed to help your organisation classify and protect data in use, newly created data and data in motion. The solution works for both cloud and on-premises applications.
Getvisibility Focus provides automated, accurate and timely discovery and classification of both new and legacy data. The Getvisibility solution gives organisations an overview of all their data, tailored to how they want that data to be displayed and monitored.
Getvisibility offers contextual classification, empowering the data with appropriate metadata and enhancing the usage of that data throughout the organisation.
Components
Data classification levels (levels, descriptions, data examples)
Risks
Data Access and Control
Transmission
Storage
Documented Backup and Recovery Procedures
Documented Data Retention Policy
Audit Controls
Typical levels
Public
Internal
Restricted or Sensitive
Confidential
Regulated or Protected (Optional)
Data Classification Typical Levels
Public
Such data is available for anyone to see, for example:
Brochures
White paper/Public Standard
Internal
Such data is generally available to all staff and students, for example:
Internal correspondence
Committee papers, meeting minutes
Internal policies and procedures
Restricted or Sensitive
Accessible only to a restricted set of staff or students on a need-to-know basis. Often contains sensitive personal data. Loss of such data may result in legal action, reputational damage or financial loss.
Examples:
Personal/Employee Data
Business/Financial Data
Academic/Research Information (i.e. unpublished, or confidential research, or funding information)
Confidential
Accessible only to designated or relevant members of staff due to its potential impact on the organisation that could result in legal action, reputational damage or financial loss.
Examples:
Payrolls, salaries info
HR personnel records
Credit card and financial account information
Internal investigation information
Intellectual property
All legal and attorney-client communications
Medical records
Detailed budgets or financial reports
Protected or Regulated
This is a special category that covers data subject to one or more regulations, such as HIPAA or ITAR. Loss of such data can result in major legal action and substantial financial loss. Protection of this information is required by law or regulation, and the organisation may be legally required to self-report a breach.
Examples:
Sensitive personal data (Physical or mental health, Criminal convictions, etc)
Medical Research (HIPAA)
Academic research subject to export controls (ITAR/EAR), i.e. information covered by a Technology Control Plan
Student information classified under FERPA
Credit card information covered by PCI-DSS rules
Court or national security orders that prohibit disclosure (e.g., subpoenas, National Security Letters)
Data Access and Control
Classification | Public | Internal | Restricted or Sensitive | Confidential | Regulated or Protected |
Access | No restrictions | Staff and non-employees, based on their duties | Only designated individuals with approved access who are entitled to use it. | Only designated individuals with approved access. Dissemination is strictly limited to authorised personnel. | Only a small number of named individuals entitled to see or use the data. Dissemination is strictly limited to authorised personnel. |
Transmission | No restrictions | Information may be placed in shared folders and company-managed cloud storage, and sent via internal email. | Should only be shared in folders with restricted access or transmitted securely via a protected electronic messaging system (e-mail, etc.). | Should only be transmitted electronically in an acceptably encrypted format and/or within a defined dissemination list. | Should only be transmitted electronically in an acceptably encrypted format and/or within a defined dissemination list. |
Storage | No restrictions | Information should be stored in shared folders and in company-managed cloud storage. | Should only be held in folders with restricted access. | Information should be held only in restricted areas of the organisation's network. | Information should be held only in restricted areas of the organisation's network. |
Data Storage Example of a Guide
Service | Public | Internal | Restricted or Sensitive | Confidential | Regulated or Protected |
Default Home (Z:) Drive | |||||
Confluence/Wiki | |||||
Sharepoint | |||||
Full Disk Encrypted Systems | |||||
Unencrypted Workstations | |||||
Enterprise Office 365 | |||||
Data Backup
Classification | Public | Internal | Restricted or Sensitive | Confidential | Regulated or Protected |
Backup | Encouraged | Encouraged | Required (should be required by an internal policy) | Required (should be required by an internal policy) | Required (required by a regulation) |
Data Retention
Classification | Public | Internal | Restricted or Sensitive | Confidential | Regulated or Protected |
Retention | Encouraged | Encouraged | Required (should be required by an internal policy) | Required (should be required by an internal policy) | Required (required by a regulation) |
Audit Controls
Classification | Public | Internal | Restricted or Sensitive | Confidential | Regulated or Protected |
Audit controls | Not required | Encouraged | The organisation must actively monitor and review its systems and procedures for potential misuse and/or unauthorised access. | The organisation must actively monitor and review its systems and procedures for potential misuse and/or unauthorised access. | The organisation must actively monitor and review its systems and procedures for potential misuse and/or unauthorised access. |
Sample flowchart for determining Data Classification
Best Practices for Configuration Wizard
a. Configure Compliance screen with the required Compliance standards:
Getvisibility ships with out-of-the-box compliance standards that are shown in the agent.
Organisations can customise the classification options that appear in the end-user agent to align with internal policies or an already deployed data loss prevention solution. This feature is optional: if you do not want compliance standards shown in the agent, tick the ‘Disable Compliance’ option.
b. Classification TAGS: Which classification tags will the end user be able to view & select?
c. Which Plugins will be active for the end-user?
d. Enforcement rule related to MS WORD, MS EXCEL, and MS POWERPOINT
Enforcement rules determine the necessity for end-users to classify a document before saving or printing. The enforcement options available are:
1. Enforce (or Force)
2. Warn
3. Log & Ignore
Review all available options in the dropdown (Force, Warn and Log & Ignore) and choose the one that matches your policy.
Leave the “User lowers classification level of a classified document” checkbox unchecked. With it unchecked, an end-user cannot lower the classification of a document after it has been saved.
e. Visual Tagging and Labeling for MS WORD, MS POWERPOINT and MS EXCEL
Visual labeling refers to the visual changes made to a document once classified. This includes customized:
1. Headers (you can change the text to Forcepoint {classification})
2. Footers (you can change the text to Forcepoint {classification})
3. Watermarking (you can change the text to Forcepoint {classification})
f. Outlook Policies
The Getvisibility Synergy Pro agent sits in the ribbon of your Microsoft Outlook application. Organisations can configure how the agent behaves within Outlook by customising enforcement rules and visual markings. You will also notice the option ‘Inherit minimal classification from classified attachment’. This means, for example, that if an attached document is classified as Internal, the end-user may classify the email as Internal or Confidential but not as Public.
As with MS Word, Excel and PowerPoint above, enforcement and visual tagging rules are now applied to MS Outlook.
Enforcement Rules
Enforcement rules determine the necessity for end-users to classify an email before sending or printing. The enforcement options available are:
1. Enforce
2. Warn
3. Log & Ignore
g. Outlook Visual Tagging
Visual labeling refers to the visual changes made to an email once classified. This includes customized:
1. Headers: (You can change the text to Forcepoint {classification} or anything of your choice)
2. Footers: (You can change the text to Forcepoint {classification} or anything of your choice)
h. Sharing restrictions: Configure PUBLIC emails
Sharing restrictions are configured through the wizard and enforced in Outlook. A sharing rule is set per classification level of the email and determines what happens when an end-user sends an email at that level. The options are:
1. Allow
2. Warn
3. Block
Exceptions
This optional feature lets administrators create an allow-list of email addresses or domains that are exempt from the sharing restrictions enforced above. It helps ensure the restrictions do not disrupt daily operations while still maintaining a least-privilege approach to data sharing.
i. Configure INTERNAL Emails
Select the BLOCK option and create an exception for your internal domain under “Allowed” emails. You can add any internal domain, for example “forcepoint.com” or “forcegv.com”.
j. Configure CONFIDENTIAL email
For this lab, select the WARN option, add the internal domains as exceptions under “Allowed” emails, and add an untrusted domain (e.g. gmail.com) under “Blocked” emails.
Add “forcepoint.com” and “forcegv.com” to the allowed email list.
Add “gmail.com” to the blocked email list.
The expected behaviour of this rule is:
The user is always warned when a CONFIDENTIAL email is sent, except that sending to forcepoint.com (or forcegv.com) is allowed without a warning, and sending a CONFIDENTIAL email to gmail.com is blocked.
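The following Python script is an added worked example of the policy that steps f and h–j describe; it is not Getvisibility or Forcepoint code and does not call the agent. It models the ‘Inherit minimal classification from classified attachment’ rule and the per-level sharing rules with their Allowed/Blocked exceptions, using the lab configuration above (Internal: Block with internal domains allowed; Confidential: Warn with internal domains allowed and gmail.com blocked). Assumptions not stated on the page and made here for illustration: the five levels are ordered Public < Internal < Restricted or Sensitive < Confidential < Regulated or Protected; recipient domains are compared exactly and case-insensitively (no subdomain matching); a domain listed in both lists is treated as blocked; and a level with no configured rule, or a malformed recipient address, fails closed to Block. The recipient addresses are constructed sample data.

```python
"""Outbound-email sharing check modelled on the configuration wizard steps.

Added illustration only; not the product's own code. Level ordering, exact
domain matching, blocked-beats-allowed and fail-closed behaviour are
assumptions made for this example.
"""
from dataclasses import dataclass, field

# Ordered from least to most sensitive (assumed ordering of the page's levels).
LEVELS = ["Public", "Internal", "Restricted or Sensitive",
          "Confidential", "Regulated or Protected"]
RANK = {name: i for i, name in enumerate(LEVELS)}

ALLOW, WARN, BLOCK = "Allow", "Warn", "Block"


@dataclass
class SharingRule:
    default: str                                   # Allow / Warn / Block for the level
    allowed: set = field(default_factory=set)      # exception domains that are always allowed
    blocked: set = field(default_factory=set)      # exception domains that are always blocked


# Lab policy mirroring steps h, i and j (constructed from the text).
POLICY = {
    "Public": SharingRule(ALLOW),
    "Internal": SharingRule(BLOCK, allowed={"forcepoint.com", "forcegv.com"}),
    "Confidential": SharingRule(WARN,
                                allowed={"forcepoint.com", "forcegv.com"},
                                blocked={"gmail.com"}),
}


def minimum_level(attachment_levels):
    """'Inherit minimal classification from classified attachment': the email
    may not be classified below its most sensitive attachment."""
    if not attachment_levels:
        return LEVELS[0]
    return max(attachment_levels, key=RANK.__getitem__)


def allowed_levels(attachment_levels):
    """Levels the end-user may still pick given the attachments."""
    floor = RANK[minimum_level(attachment_levels)]
    return [lvl for lvl in LEVELS if RANK[lvl] >= floor]


def recipient_domain(address):
    """Return the lower-cased domain part, or None if the address is malformed."""
    local, sep, domain = address.rpartition("@")
    if not sep or not local or not domain or "@" in local:
        return None
    return domain.lower()


def decide(level, recipient, policy=POLICY):
    """Action for one recipient: exceptions win over the level's default;
    blocked wins over allowed; anything unconfigured or malformed is blocked."""
    rule = policy.get(level)
    domain = recipient_domain(recipient)
    if rule is None or domain is None:
        return BLOCK                       # fail closed (assumption)
    if domain in rule.blocked:
        return BLOCK
    if domain in rule.allowed:
        return ALLOW
    return rule.default


def check_email(level, recipients, attachment_levels=(), policy=POLICY):
    """Evaluate one outbound email.

    Returns (accepted, detail). accepted is False when the chosen level is
    below the attachment floor (the agent would not let the user pick it);
    otherwise detail maps each recipient to Allow, Warn or Block.
    """
    floor = minimum_level(attachment_levels)
    if RANK[level] < RANK[floor]:
        return False, f"classification must be at least {floor} (inherited from attachment)"
    return True, {r: decide(level, r, policy) for r in recipients}


if __name__ == "__main__":
    # Constructed sample: a Confidential email with an Internal attachment.
    ok, detail = check_email(
        "Confidential",
        ["alice@forcepoint.com", "bob@gmail.com", "carol@partner.example"],
        attachment_levels=["Internal"],
    )
    print("accepted:", ok)
    for recipient, action in detail.items():
        print(f"  {recipient:<26} -> {action}")
```

Run as a script it prints Allow for the internal domain, Block for gmail.com and Warn for the unlisted partner domain, which is the behaviour the lab expects. To adapt it to a different wizard configuration, change only the `POLICY` table; the evaluation order (blocked list, then allowed list, then the level's default) is what gives exceptions precedence over the default action.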
k. Click NEXT and FINISH
l. Click RESTART
Classified as Getvisibility - Partner/Customer Confidential