Discover and protect sensitive data across every single endpoint.
Enterprise Recon identifies 95 types of sensitive customer and employee information for PCI DSS, HIPAA, and more by searching all servers, workstations, email, databases, cloud and other storage locations used across your entire organisation.
Using Enterprise Recon’s centralized management console, your team can identify and isolate any data storage risks. Avoid becoming the next data compromise headline. Try Enterprise Recon for free today.
1 year enterprise license
It’s impossible to know what's inside every single file across your network. But Enterprise Recon identifies what sensitive data you’re storing without any guesswork or assumptions. Once you know where the risks are, you can begin to mitigate those risks and prevent problems from resurfacing later. This is a core fundamental of being secure and compliant, and one that your security auditor will have added respect for your pro-active approach.
Even if you have hundreds or thousands of employees, workstations or other computing devices, Enterprise Recon makes complying with security standards like PCI DSS easy. Search any number of systems within your network with just a few clicks.
The search results identify where sensitive data is being stored, and for PCI DSS we'll highlight separately where any prohibited magnetic stripe (Track1/Track2) data was found.
Enterprise Recon searches everything – emails, databases, log files, documents and more across all systems within your organization. Enterprise Recon reads the contents of all major file formats, making it the most accurate solution for security of sensitive customer and employee data.
If unencrypted sensitive data is hiding within your organization, Enterprise Recon can find it.
Are you spending too much time staying compliant with PCI DSS, HIPAA or other mandatory security requirements?
Enterprise Recon simplifies and speeds up your work with automated, recurring scans at regular intervals all year round.
You can measure and track insecure sensitive data storage at the touch of a button using Enterprise Recon’s powerful reporting capabilities.
Reporting levels include each host, VLAN, group or department, or you can select a master report for the entire enterprise. Save reports in many formats, including email, PDF, CSV, XML and raw text.
Once you’ve identified your organization’s data storage risks, who will take ownership to fix the problem?
Enterprise Recon’s multi-user features grant access only to the areas of the organization each individual is responsible for. This empowers business units to accept responsibility and remediate the data storage risks that they inadvertently created in the first place.
Retain evidence of compliant cardholder data storage practices to share with your PCI QSA and sponsoring bank.
Enterprise Recon stores a complete history of reports for every scanned system, enabling comparisons of past and present compliance. This creates permanent evidence of your ongoing, compliant cardholder data storage practices, ready to be shared with your PCI QSA or sponsoring financial institution.
Why should you choose between accurate results and low resource usage? With Enterprise Recon, you don’t have to.
When running a search across a large production system, Enterprise Recon pursues accuracy and low resource usage over speed. This makes Enterprise Recon ideal for mission-critical systems and employees who must not be interrupted by resource-hogging searches. Enterprise Recon uses network resources so efficiently that it can be deployed remotely with low bandwidth.
Real-time alerts provide immediate notification of instances of non-compliant cardholder data. Your QSA and risk management team will be impressed your remediation response and your organization will be safer when threats are eliminated as quickly as possible.
Not sure where all of your systems are? Enterprise Recon includes the ability to discover systems on your network that have not been searched, so you can ensure complete coverage across your entire estate.
Don’t like installing agents on your end points? With Enterprise Recon’s dissolvable agent, you can deploy an Enterprise Recon search (via active directory or SSH) to any supported end point, without the need to install an agent first.
If your bank requires you to be PCI DSS compliant, Enterprise Recon can help. Enterprise Recon finds card numbers issued by ten major card brands, with additional support for test numbers, custom BIN ranges and Track1/2 magnetic stripe detection.
Enterprise Recon includes all the PCI compliance capabilities we offer in our Card Recon data discovery tool.
Are you storing your customers’ national identity number? Enterprise Recon can find more than 50 types of national IDs, including Social Security numbers (SSNs) and Tax File Numbers (TFNs) from most of Africa, Asia, Europe, Middle East, Oceania, North America and South America.
Are you a healthcare provider complying with HIPAA and other medical industry compliance initiatives?
Enterprise Recon finds many types of PHI, including Medicare, national insurance and national provider identifier data types from multiple regions.
If your business handles personal banking information or business customer information, Enterprise Recon can improve your data security compliance.
Enterprise Recon offers the ability to identify stored bank account numbers, SWIFT Codes, IBANS, BSBs, GST and VAT information.
If your business stores customers’ personal information, Enterprise Recon can improve your data privacy.
Enterprise Recon can accurately detect your customers’ name, address, phone number, date of birth, and other elements which, when used together, could be used to commit identity theft.
Does your business store sensitive IDs and reference numbers that are specific to your business?
Enterprise Recon offers a unique feature enabling you to build custom definitions of sensitive data. You can also build definitions to find specific combinations of sensitive and personal data.
Tired of getting thousands of false positives with an open source product? Enterprise Recon uses a built-in elimination algorithm to scrutinise every finding and deliver filtered results with low false positives.
Our data discovery algorithm was built from the ground up specifically to identify sensitive data. Rest assured that you're running the most accurate search possible. Enterprise Recon analyses each possible finding hundreds of times at lightning speed to uncover genuine security risks.
Enterprise Recon comes with built-in support for detecting seven major card brands used in more than 200 countries. This includes the 5 major card brands that require PCI compliance.
Millions of files, terabytes of data? Most data discovery solutions skip up to 60% of files if they are not supported. But Enterprise Recon attempts to inspect every object, regardless of its file name or file type. Enterprise Recon handles hundreds of file formats, including office documents, text files, databases, emails, images and audio.
PCI DSS requires the use of test card numbers in development and test environments. Enterprise Recon identifies more than 10,000 of the most common test cards used by payment processors and payment gateways, and excludes them from findings. And you can add your own test card numbers to the list.
Whether you store card numbers with spaces, dashes, or no separators at all, Enterprise Recon will isolate and detect personal account numbers (PANs) with low false positives. Enterprise Recon recognises more than 160 combinations of PAN storage structures.
Microsoft-supported versions of 32-bit and 64-bit Windows systems, including Windows 2000, Windows XP, XP Embedded, Windows Vista, Windows 7, Windows 8 and Windows Server 2000/2003/2008/2012 on Intel x86 CPU architectures.
Mac OSX 10.5 (Leopard) onwards on both Intel x86 and PowerPC CPU architectures.
All modern distributions of Linux supporting Kernel 2.4 and 2.6, including Centos, Debian, Fedora, Redhat, Slackware, SUSE and Ubuntu on Intel x86 CPU architectures.
As a tip-on-the-hat to our bearded friends at FreeBSD, Enterprise Recon supports distributions of FreeBSD 6.x, 7.x, 8.x and 9.x on Intel x86 CPU architectures.
All Oracle-supported versions of Solaris, including 9.x, 10.x and 11.x on SPARC and Intel x86 CPU architectures.
HP-UX B11.11 for PA RISC and B.11.23 onward for Integrity (Intel Itanium) CPU architectures.
AIX 5.3, 6.1, 7.1 on pSeries CPU architecture.
Mid-range and Mainframe systems, with full support for IBM's Extended Binary Coded Decimal Interchange Code (EBCDIC) to read files copied from systems such as AS/400, S/390 and iSeries to be searched in their native form without modification.
Any text and mark-up language format, including TXT, RTF, HTML, XML, and more.
Popular office applications within Microsoft Office 95 / 97 / 2000 / XP / 2003 / 2007 / 2010 / 2013, Star Office, Open Office, Libre Office and Neo Office. Card Recon also provides full support for Abode PDF documents.
All the major and minor compression types in use today, including 7zip, Bzip2, Gzip, LZMA, LZMA2, Ar, LZW (.Z), .EXE Self Extracting Executables, Microsoft Tape Format, RAR, XZ, ZIP and all legacy codecs, including implode, deflate, deflate64, bz2, lzma and ppmd.
All data within database files, including Microsoft Access, SQLite, DBase, and Microsoft SQL Server (MDF and LDF), as well as data stored as binary large objects (BLOBS); reports display the table and column name, if applicable.
Emails and their attachments stored in Microsoft Outlook PST, OST (2003 - 2010), Outlook Express, Lotus Notes NSF, Thunderbird, Eudora, Exim, Courier, Postfix, QMail, Maildir, Sendmail,DBX, MBox, and any standard MIME data formats.
Enterprise Recon understands common audio file formats, and will recognise cardholder data entered using a telephone keypad (DTMF tones) from pay-by-phone and IVR transactions which have been inadvertently recorded. Supported formats include WAV PCM 8/16bit mono/stereo, and MP3.
In addition, supported audio files with recorded English conversations containing credit card numbers are detected by the software.
Scanned documents or other image-based files on your systems may contain sensitive data that cannot be detected by orthodox text-based scanning methods, but could easily be picked up by cyber criminals.
Using Optical Character Recognition (OCR), Enterprise Recon scans image files like JPGs and PNGs to provide even more depth and accuracy to your searches.
Enterprise Recon searches all locations, regardless of file types—even if they aren’t listed above. If a file type is not recognized, Enterprise Recon performs generic binary decoding to filter out the raw data and attempt to identify any sensitive information stored within. When you read an Enterprise Recon, you’ll know that every possible data file has been searched.
Enterprise Recon searches all local storage, including fixed drives, removable drives and accessible locations where a file can be stored.
Most organisations cleanse unwanted data by simply deleting it, but it can be recovered easily by commonly available tools. Are you storing cardholder data in deleted files? Enterprise Recon searches all the free space on a local system and identifies any sensitive data that remains. Then you can opt to remove it permanently.
Storing data on SAN or NAS devices? Enterprise Recon enables remote scanning of network drives and limits network impact by controlling the data transfer speed.
Enterprise Recon enables live searching of the most popular enterprise database servers, including Oracle, DB2, Microsoft SQL Server, SAP Sybase, MySQL and PostgreSQL.
Enterprise Recon searches Microsoft Exchange Information Stores and other email servers to identify cardholder data stored in user mailboxes, including attachments.
With the rise of memory scraping malware, your company needs the ability to audit the memory usage of applications for protection against data breaches. Enterprise Recon simplifies this process by enabling auditing of memory for any sensitive data across any supported end-point.
The average organisation stores 33% of its data using cloud resources, making it a key location to be scanned and safeguarded.
Scan and secure Amazon AWS and Google Apps cloud storage locations to keep your hosted data safe.
Want to quantify your total data storage risk across the entire organisation? Enterprise Recon delivers high-level management reports with summarised statistics for all sensitive data found throughout the organization. You can also view breakdowns by department or business unit as needed.
Do you need to hold each business unit accountable for its data storage habits? Generate reports for each business unit to show exactly which systems and end-points contain sensitive information and to highlight high-risk areas.
View a detailed report of findings on each end-point, including every file, database, and email containing sensitive data.
Enterprise Recon reports can be viewed onscreen, shared via email, or prepared for offline viewing. Report formats include HTML, text, CSV and PDF.
Don't need to retain any of the data? Enterprise Recon’s Secure Delete feature can be used on accessible stored files to permanently erase any trace of the data, rendering it completely unrecoverable by undelete and forensic tools.
Want to keep the data, but need to store it more securely? Secure Quarantine lets you move accessible files to a secure location while permanently erasing it from the location where it was found.
Want to sanitise sensitive data, but keep all the surrounding data? The Sensitive Data Masking feature enables redaction of each instance of something sensitive within text based log files, configuration files and other simple files types stored on disk. For example, 1234000000005678 becomes 123400xxxxxx5678, thus rendering a non-compliant PAN as PCI DSS compliant.
Do you have a business-justified reason to be storing sensitive data, yet can’t afford to let it fall into the wrong hands? Secure sensitive yet important data via AES 128bit encryption, locking the files down with a password only relevant parties will know.
We know you don't want to waste time when managing your data security, so we've designed Enterprise Recon for ease of use and speed.
Enterprise Recon allows you to view the contents of a file remotely without impacting your PCI compliance scope. Our remote file inspector enables you to view the contents of each file to show you exactly where the findings are—without any risk thanks to Enterprise Recon’s dynamic cardholder data masking capabilities.
Enterprise Recon lets you permanently erase any file containing cardholder data so that it cannot be recovered using undelete or forensic tools.
Enterprise Recon supports authentication via Active Directory for interoperability with your central security controls, including password management and user permission groups. Large deployments benefit from automatic host group assignment using previously established Active Directory host groups. This feature is a true timesaver for large environments.
Segregation of duties is easy in Enterprise Recon. Use different levels of access to enable team leaders and business managers to view only their own areas of the business.
Enterprise Recon uses syslog to integrate with your Security Information and Event Management system. This supports all your security compliance requirements that ensures all your actions and activities in ER are centrally logged.
Enterprise Recon doesn't store or transmit sensitive data—none at all. This means that Enterprise Recon can be deployed across your entire organisation without increasing your data security compliance scope. Furthermore, all Enterprise Recon reports are disseminated and stored using AES128bit encryption to prevent eavesdropping and information leakage.