Introduction

The Story

Data leaks or breaches have become an ever increasing threat to organizations. In the past, data leaks were mainly the result of external attacks, however trends are now showing that more and more attacks are occurring from within organizations

Damages caused by such data leaks are not to be underestimated. Damages to public image and brand reputation can rapidly run into significant figures once your name hits the press with news of compromised or loss of data.

On the 25 May, 2018 the GDPR (General Data Protection Regulation) will be enforced. This will guarantee the equal privacy rights of European citizens across all EU member states. Breaches of data will then also be subject to financial penalties; an extra cost to add to the already long list of damages.

Organizations are required to prove compliancy by 25 May, 2018 and be prepared to meet this new legislation. Such preparations will involve a range of activities including the drawing up of a comprehensive data inventory or landscape. This will enable organisations to identify which sensitive data they store, how it is stored and by whom this data is processed, externally or internally. This knowledge is critical to plan out and implement realistic data privacy policies. To conduct this work manually is a monumental task.

More often than necessary, sensitive data is used or reused in multiple environments. Typical examples of such environments relate to development and testing of software, education and training, Business Intelligence systems and archived data. In many cases the access to these sensitive environments by system administrators, database administrators, developers, trainers and data analysts is much less regulated than production environments. By ensuring that these environments use anonymized data, the volumes of data at risk can be reduced and the risk of data breaches and the costs of the security infrastructure can be minimized.

The Qixium platform helps you manage sensitive data the right way. Using its intelligent automation feature, you can discover where your sensitive data resides and automatically classify it. Not only to meet the required levels of compliance for GDPR or ISO 27K but also to follow up on any changes to data after the initial process of discovery and classification. The classification can also be used to simply anonymize sensitive data for use in non-production environments. The intuitive dashboard provides users with an overview of the status of sensitive data using, for example, a clear sensitivity index. This lets organisations know if data privacy conditions are improving or require further action.

In summary; Qixium is the solution for structured and unstructured data that you should consider sooner rather than later.