Businesses hold vast amounts of digital and hard copy data. Much is personal data regulated by differing country and state laws and rules. The first step towards personal data privacy compliance is to know what personal data are held by a company. But traditional means of inventorying personal data undercount and are almost always behind the curve of time.
Network analytics is the answer to this challenge offered by 1touch.io, a company born from one of the world’s cybersecurity capitals, Israel, with operations there and in the USA. Under the moniker of “Discover the Unknown,” 1touch has developed a network analytics-based approach to discovery, regulation, constant data flow mapping and network security for businesses to know what, where and how data they hold are being held and processed.
In the rush to comply with GDPR in late May 2018, many businesses approached the inventory of personal data by asking what types of personal data various functions held – such as HR, medical/insurance data, financial information, less sensitive details like home address and phone numbers. While this approach helped to list what a business knows it holds in its digital systems, it ignores the fact that far more than these basic categories are held and processed within business IT systems, including a lot of material the business does not know about or cares to hold. Through a dynamic network analytics approach, a business gets a read of not only what actually is contained with the company’s system, but a continuous monitoring of how it constantly changes (almost always to expand, not to contract!) and how it is being processed for both legitimate business purposes and for other reasons.
Data Privacy Detective Podcast 32 is a conversation with 1touch’s CCO Mark Wellins. We explore how to discover, map and flow data in a more comprehensive and timely way than traditional methods allow. Think of data in an IT system like blood flowing through the human body. We’d like to know where it’s leaking, where it’s infected, when it’s anemic or lacking the right counts. Businesses likewise should be fully aware of what data are flowing into, through and out of their IT systems. Knowing the unknown is the start of how a business can protect personal data properly.