How can this happen? If your sensitive data gets misused. Or if you are not able to prove that you do enough to prevent this happening. To protect the sensitive data, it is way not sufficient to create written internal company rules and be „GDPR compliant“. You need to have real control of your sensitive data.
OK, but how? First, you need to be aware of where your sensitive data are. And no, don’t think they are only in well-protected databases. Ever opened for example a shared folder of a copy scanner where copies and scans are automatically saved? You would wonder what you would find. And this is just a drop in an ocean. Or a needle in a haystack.
There are countless documents on servers and user computers that contain sensitive data. Some of them are relevant and should be managed properly. Some of them are not. They are result of some previous activity and are not needed anymore. However, they were not deleted and pose a potential threat of leakage.
And how do you make sure that no sensitive information is sent away per email? Can be in good faith by some user as part of his or her activity.
It is critical to know where sensitive data are, who has access to them. Be it office files, pictures, scans, emails, archives… any file containing text is a potential threat.
OK, but how do you analyze so many files? It can be hundreds of thousands of files. And they keep on changing every day. There is no way a human could ever analyze all of them. Fortunately, there are ways how to do it these days. First, text content and metadata is extracted from all files all over the network. The unstructured text content is then analyzed by an AI-powered semantic analysis layer. As a result, the user is given a detailed information what files may potentially contain sensitive data, which of them may be the most critical to be further examined and cleaned. Thus, you get the most important and most critical part of data privacy: control of your sensitive data.
This is also very useful if someone comes across, asks for the complete list of related personal information or asks for the right to be forgotten according to GDPR. What will you do? Run a query from a database? OK but what about the rest of the data – dwelling on purpose or totally accidentally in files and various documents?
Within our BI and data analytics projects we were asked by our customers if we could handle this. We took the challenge. And guess what? There you go: we have developed Mole Data Privacy Analytics that will help you get your sensitive data under control.
It is quite easy to be used. We help you with the initial set-up by means of a PoC. If necessary, tweak it to your requirements. Just run it on your server and get your sensitive data under control.
Check it out at: https://emarkmole.com/
Please, let me know what you think.