The true challenge of discovering Personally Identifiable Information (PII) is not simply learning which entity relationships lie in your structured and unstructured data, but rather discovering its location. This is partly a result of the challenges Shadow IT poses. In dynamic networks, your personal data is always on the move. The way it is stored, shared, and processed is constantly changing. Enterprises are finally starting to understand that taking a snapshot of which network elements are using personal data at a given moment quickly becomes irrelevant. Read here about why companies are adopting the network analytics approach to keep their Personal Data Inventory up-to-date.
1touch.io tracks how a data subject identity is used in the enterprise. Simply listing the documents and repositories in which personal data is being used does not meet GDPR and CCPA regulations of PII tracking within your business. Only once you can track each unique identity and understand how each one is being used in your organization can you fully reduce the risk of non-compliance and excessive storage of personal data beyond the needs of your business.
An organization must obtain constantly-updated maps of data flow – both for compliance and security reasons. Privacy stakeholders understand that this is an essential requirement of GDPR. CISOs want a holistic and proactive view when personal data is flowing in directions that run contrary to business requirements. Using this, they maintain the security of personal data – one of the enterprise’s most prized assets.
While it is important to scan databases to understand how personal data is being used, and the entity relationships that underlie the personal data, enterprises are realizing that this only provides part of the picture. An increasing number of enterprises are using applications to define entity relationships. This poses unique problems for identifying the usage of unique identities, such as unknown applications.
The PII you hold needs to be constantly updated, easily accessible and easy to collate. The main concern our customers faces is ‘DDOS’ by DSAR. Following a ‘CNN’ moment or a class action suit, enterprises are concerned about their ability to keep up with ever-increasing demands on data access requests, which are a huge burden on operational resources. Our solution has unprecedented ease of visibility into how your PII is being used and our Zero Touch solutions we provide for customers to easily access customer data usage – thereby enabling massive DSAR capabilities with minimal operational overhead.
You can only truly understand Third party sharing if the topology of the network is intertwined with a constantly updated PII Discovery and Flow Mapping solution. If this is left to manual methodologies, then it very quickly becomes outdated and irrelevant, thereby exposing the enterprise to risk. DLM Pro gives you an understanding of how all personal data is being shared with network topology, giving constantly-updated, accurate data. Our alert system notifies you about how personal data is being shared with third parties – even to the most granular levels.