The Bitglass “Where’s Your Data?” Experiment

By Chris Hines, Product Marketing Manager, Bitglass

Bitglass_Wheres_Your_Data_thumbnail783. That’s the total number of reported breaches involving stolen data that occured in 2014 alone.

When the story first broke about the Morgan Stanley breach, where an ex-employee stole corporate data and pasted it on a file-sharing site called Pastebin, it got us thinking. We all hear about these massive breaches that take place–Target, Home Depot, Sony, Anthem, Premera–but what actually happens to the data after it is stolen? Where does it travel to? How many people see it, and how much damage can it cause?

In an effort to find the answers to these questions, we decided to launch the world’s first data tracking experiment located in the Dark Web. So, what did we do? We created an excel spreadsheet of 1,568 fake employee credentials, then placed it on anonymous file sharing sites within the “Dark Web,” using a Tor browser as our entry point. We tracked the data as it travelled to various sinister locations around the world, and as it was shared amongst cyber-crime syndicates overseas. But how?

Here at Bitglass we have developed the first watermarking security solution on the planet. The patent-pending tracking technology works like this.

  1. Document travels through Bitglass proxy when downloaded from a cloud  or on prem application and  down to a mobile device.
  2. When this occurs, the document is automatically embedded with an invisibe watermark.
  3. Every time the document is opened, a “ping” is sent to the Bitglass portal displaying: user name,  file name, geographic location, IP address and device type.
  4. Even if a watermarked document is copied and pasted elsewhere,  or mutilated in some way, the watermarks still persist.

What we found from this experiment will change the way that our industry views data security today, and shine a light on the need for greater visibility into where sensitive data travels. Especially after a breach.

Who’s keeping tabs on your data?

Watch the video and download the report to see what we uncovered.


Leave a Reply

The name and email fields are solely used to comment on posts. Cloud Security Alliance does no further processing of this data. See Section 3 of the CSA Privacy Policy for details.

Share this content on your favorite Social Network.