The recent GDPR legislation places an even greater onus on organisations to protect client sensitive information. We find a common theme that the distribution of such data through an organisation is often not well understood. Where is such information stored, what documents has it been published in, and how are these distributed on the servers and workstations in the organisation? This can be a big challenge for the Data Protection Officer; if he does not know where the important data resides how can he develop the right policies to protect it?
The eSpyder solution is a distributed solution to search for and report on sensitive information. On the central console you may define a search to show me all documents that contain a social security number (or credit card number - the search criteria are wide and user defined). A search is then triggered that is distributed out to all end-points, with the results being centrally collated.
This allows the DPO to find out and audit where information is distributed in the organisation, whether it be on servers, user PC's, or cloud storage. This process can form part of an initial discovery, or it can be part of the ongoing compliance and audit regime. Specific searches can also be defined to locate all data on a specific individual (for instance), which is important when a discovery request is received from that person.