Contact Global Locations
Scoping & Documentation ASV Scanning Contract & Liability Review PCI DSS Gap Analysis Risk Assessment Security Testing Compensating Controls Blackfoot Prioritized Approach Annual Data Security Assessment Payment Processing & Outsourcing
Virtual Security Officer (VSO) Incident Response ISO 27001 Document & Policy Creation Security Awareness Risk Assessment
Infrastructure Security Assessment Web Application Assessment Physical Security Assessment Secure Code Review Data Discovery Wireless Security Assessment Vulnerability Management
Blackfoot Blackbox SME Virtual Security Officer (VSO) Firewall Management Audit Log Management Intrusion Prevention/Detection
PCI DSS Training PA DSS Training Secure Software Development Security Awareness

Data Discovery Audit



Many organizations are unaware exactly what customer data their systems are collecting and where it is being stored. This can be especially prevalent when systems have been inherited or there have been a large number of staffing changes.

Company Officers should also have a high degree of confidence when signing an Attestation of Compliance, part of which states:

"No evidence of magnetic stripe (i.e., track) data , CAV2, CVC2, CID, or CVV2 data , or PIN data storage after transaction authorization was found on ANY systems reviewed during this assessment."

This implies there should be a process that actually looks for improperly stored data, rather than ticking the box on the presumption that you might not think there is any such data.

Blackfoot's Data Discovery Audit can scan your entire network and server infrastructure for improperly stored data, for example credit card data, passport numbers and other forms of personally identifiable information.

Specific file content such as music, video or adult material can also be located. Following the audit, we will issue a report detailing findings.