InfoSure Sensitive Data Governance Service
Are your information assets susceptible to potential access, and do you have a remediation strategy in place to address possible data breaches? Regular reviews and remediation should be part of an organisation’s risk management plan.
WHAT SETS US APART
InfoCentric has extensive experience working in complex, high volume data environments to establish data governance best practices. We have a unique combination of data governance expertise coupled with specialist technology to assist in the implementation of sensitive data auditing, scanning and remediation.
This enables us to use our specialist skills and capabilities to offer a unique service designed to assess your information risk, with particular emphasis on your retention and management of sensitive data, scanning and assessing your data assets, and providing remediation services to assist internal customer teams to pro-actively address data exposures.
KEY CHALLENGES
- Evolving compliance requirements – The landscape of regulatory standards, such as Privacy Act 1988 (Cth) or APRA Standard CPS234 / 235 can be complex to manage. In 2022, penalties for repeated or serious privacy breaches in AU were increased significantly.
- Growing prevalence of data breaches – Data breaches are on the rise, with increasing numbers of large organisations across industries falling victim to large-scale cyber attacks. Tactics are constantly evolving, with multi-layered defences required.
- Real-world impacts of data breaches – Breached data can be used for identity theft, phishing scams, domestic violence, and more. Information available to those with malicious intent is hard to stop and can lead to serious harm.
- Internal risk and audit capability – Internal audits and risk assessments may have difficulty managing the scope and breadth of information management. However, unmanaged sensitive information can present an intolerable risk.
OUR KEY PRINCIPLES
InfoCentric has adapted our Information Management Framework and created our Information Assurance Model that guides a customer through an end to end set of activities for assessing your information assets, establishing standards, policies and business rules, and then the critical process of guiding the customer through the review and remediation activities. Dashboard reporting provides critical information for executive and operational consumption.
INFOSURE
InfoCentric’s InfoSure Sensitive Data Governance Service identifies sensitive PII information across multiple repositories. Scan selected high-risk environments, such as network drives, cloud drives and structured databases. Identify sensitive information within files, with configurable options based on your environment.
Scan for the following attributes: Name, Address, Phone, Medicare, Drivers License, Email, Passport, Credit Card, Tax File, Gender, Date of Birth … and more
InfoCentric’s Audit & Prioritisation and Remediation service drives a thorough clean-up and ongoing assurance process:
- Develop a remediation approach based on existing risk, security and records frameworks, including pragmatic and concise stakeholder education
- Provide findings and insights to each team regarding how to tackle files – for example prioritising high-risk files that have not been accessed for significant periods
- Support each team with advice and quality assurance
- Conduct an audit post remediation to provide assurance, identify remaining risk and input into strategic findings report.
BENEFITS
- Drastically reduce information risk by actively disposing of, or moving to manage files containing high-risk sensitive information.
- Make compliance easier by defining an appropriate set of consumable criteria for managing sensitive information
- Educate staff using ‘real life’ examples of unmanaged sensitive information (results of scan)
- Ensure ongoing compliance through more mature processes and annual audits.
- Avoid becoming the next headline and protect your organisations reputation.