April has been an exciting time for all of us at Metomic as we make continuous improvements to our product.
This month, we’ve implemented new filters and upgraded your alerts so it's even easier to protect your sensitive data.
Our filters help you to find the data you're looking for quickly and easily. And we've now expanded our range so you can really zoom in on the risks that matter to you.
For instance, you can now search for files in Google Drive that have been shared with more than one external user, giving you more visibility over who has access to what.
Get a more granular view of your assets with our newest filters:
Message Size Estimate
Pull Request Number
Pull Request Review Comment Line
Number of Shared External Users
Number of Shared Internal Users
Message Reply Count
Message Reply Users Count
When violations happen, you want to be able to get to the problem quickly.
Our improved Slack alerts help you go directly to the issue, rather than scrolling through a list of violations. You'll be able to decide what actions to take straightaway, making it easier to get to the heart of the issue.
We were as shocked as anyone to see the news that US government secrets were leaked recently on Discord.
It's easy for us to forget how dangerous internal data leaks can be, with many companies thinking that the biggest threat comes from the outside. The Discord Leaks was the unravelling of the Defense Department’s internal data security protocols, which resulted in hundreds of pages of sensitive and secret material being shared on a private Discord server. It transpired that an IT maintainer, in order for him to maintain IT systems, had access to all classified material inside the Pentagon's intranet of secrets.
The Defense Department has since commented that it will add restrictions on classified material and allow fewer people to access it. However, this doesn't address a core part of the problem, which is that firstly, the speed at which data leaks are detected is far too slow, and secondly, identifying who leaks data doesn't seem to detect insider threats (which is what happened with the Discord Leaks). Ensuring that your organisation has controls in place to stop sensitive data from being shared internally should be a critical part of your security team’s process.
What do you think? I'd love to hear your thoughts.