File classification and management
Migrating data to the cloud? Wanting to remove redundant, obsolete and trivial data to minimise storage costs? Or just wanting to know where personal and sensitive data is stored?
Infoboss can help to classify your data and automatically monitor and enforce retention, subject rights and other data protection and management policies and procedures to help minimise risk of a data breach or non-compliance and reduce the volume and cost of data storage.
“We used the results of the audit to inform data minimisation activities ahead of a significant cloud migration project.”
The GDPR requires you to document where you’re storing the personal data of EU citizens. For our discussion, “where” refers to both a geographic location as well as what kind of mechanism you’re using to store it—whether that’s in emails, documents, databases, backups, email lists, etc.
Recent research has indicated that over half of data breaches are the fault of company insiders. Therefore, to mitigate the risk of a data breach and better comply with the GDPR it is crucial that you can answer with confidence the following questions:
- Where is personal and sensitive data stored in your organisation?
- Who has access to it?
- Should you be retaining it?
In truth most organisations, find it extremely difficult to answer these questions with any degree of certainty. The sheer scale of unstructured data held within the modern organisation which incidentally is growing (according to IDC research) by 61% per annum can make answering these questions difficult, if not impossible.
How Infoboss helps
Infoboss collects data from any digital data source – structured and unstructured. As it does so, it applies rules that you define to identify and tag data of interest enabling a comprehensive searchable, data catalog to be built. It can be used to:
- Identify where you are storing personal and sensitive data;
- How you protect the data (and importantly who has access to it);
- How long you have been keeping the data (is it within your data retention policy guidelines);
- Whether your data processing consent policy is being applied;
- Whether ‘right to be forgotten’ requests are being respected;
- To easily find data to service a data subject or freedom of information request;
- Understand the relevance and value of your unstructured data; and
- Identify non-compliant, poor quality or problematic data entering the data estate and take action in a timely manner.