The connection to Google services for G Suite (GDrive/Gmail/Calendar) is done through the following process. This is connection process using he API for Spirion to Google - https://my.spirion.com/help/enterpriseconsole/index.htm#3594.htm?Highlight=google
When downloaded to the desktop you can view its Tag (Data Classification) using Windows Explorer.
When a file is sent through Gmail and saved to the desktop you can see both the icon overlay which depicts the data classification, by viewing the file properties (right click) tab, or by opening the file to view the classification which is displayed in the Ribbon or menu options.
This is a very useful web map for solar power potential that Google has created - https://www.google.com/get/sunroof
Most organizations use service accounts with access to specified groups of mailboxes to target searches, however in some conditions or as a backup an option you can use is the LDAP method. For example, you can use LDAP to return mailboxes in chunks (all As or Bs, etc).
Below is an example query - this is placed in the LDAP box for the Exchange server entry.
<LDAP:/server.domain.com/OU=ou,DC=domain,DC=com>;(& (mail=*) (| (&(objectCategory=person)(objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=user)(|(homeMDB=*)(msExchHomeServerName=*))) ));mail;subtree
Spirion is capable of searching many database types such as Microsoft SQL Server, Oracle, MySQL, PostgreSQL, Sybase, DB2, and many others. Included is the ability to search other backend systems such as Salesforce using the Progress Software ODBC driver to connect to the Salesforce backend data.
SFDC ODBC Driver Information:
DataDirect Connect for ODBC (Windows) Installation Tutorial
Quick Start Guide
ZenDesk - https://querysurge.zendesk.com/hc/en-us/articles/205766086-Configuring-Connections-Microsoft-Excel
All files have metadata associated which provides descriptive information about a document (file\data). This metadata provides the characteristics of a document which facilitate the ability to categorize it. Metadata such as an author, date created, and topic are typical examples of metadata. For corporate documents, additional common metadata can include information such as Data Classification which Spirion provides.
The Spirion Data Classification process imbeds a friendly name, associated GUIDS, and other tags as indicated from the below metadata extract. The Spirion metadata tag for classification can be resolve in many ways. You can view this directly through the metadata properties of the files such as Word as highlighted in the Doc properties.
From a metadata view perspective, the following table contains all XML metadata found using a program like "exif" viewer such as this useful online tool located at https://www.get-metadata.com.
When I ran the same document to extract the metadata I received the following snippet:
ApplicationMicrosoft Office Word
Characters With Spaces 26
Create Date 2013:07:08 18:32:00Z
Doc Security None
File Modification Date/time 2018:02:07 22:56:31+01:00
File Name Foreign_Doc.docx
File Size 10 kB
File Type DOCX
File Type Extension docx
Heading Pairs Title, 1
Hyperlinks Changed No
Ifclassification Flags 16384
Ifclassification Flags Type 1
Ifclassification Name Type 1
Ifclassification Type 1
Ifclassification Version 43ee0c5f-e038-421c-8a3e-ab4eB1166124
Ifclassification Version Type 1
The highlighted section is the GUID and the friendly name as tagged by the Spirion data classification process. The GUID attribute "Ifclassification" can be used in many ways such as surfacing Classification for DLP or viewing the XML and ADS extract utilities should be able to locate this any many other attributes. For example when using this attribute for a DLP, this process allows integration using the Data Classification Friendly Name and associated GUID.
When I view the ACL list for data discovery in the results tab, why are these blank?
This setting must be enabled to view the ACL's, this can be done using the following.
Specializing in security architecture and data management. SANS certifications and (ISC)² Member and certifications. 20 years as an IT professional with focus in data security and operational data security risk reduction. Real world solutions implementation experience in large and complex environments.
Will discuss the fundamentals meeting GDPR compliance beyond the traditional interviews with the application or process owners. Narrowing the project scope and creating data awareness is critical for any security programs success. Will discuss an approach to meeting compliance and implementing technical automation to help drive information worker security awareness and concentrating resources to protecting critical subject data.
The following illustrate the steps needed to update the license in the Console and Endpoint Software.
This is a fantastic article on mapping DFARS 7012 and NIST SP 800-171 Regulatory Compliance Requirements with Spirion I authored.
This link provides additional information about the Spirion web API.
Any SIEM tool being integrated with Spirion will require the ability to authenticate into Spirion via the REST interface either through developed middleware (such as Splunk), or the capability of scripting a login directly through Spirion's REST interface.
Please refer to the following kb article: Installing and configuring the Spirion Web API for Splunk
Splunkbase Spirion user guides