When it seems like the media reports a new high-profile data breach every day, it is increasingly clear that not enough organizations have solid data protection strategies in place. At AvePoint, we understand that part of the challenge may be simply not knowing where to start. That’s why we partnered with the International Association of Privacy Professionals (IAPP) to bring you the AvePoint Privacy Impact Assessment (APIA) system to help you better understand where your sensitive data lives, and how you can take action to properly protect it.
With APIA – which is available now as a free download – organizations are able to assess the privacy implications of their enterprise IT systems through a customizable, form-based survey system. From the assessment results, key stakeholders can analyze how sensitive information is handled by enterprise IT systems and whether the organization is compliant with privacy regulations.
One of our customers – a services company that handles highly sensitive data – was concerned that it had non-compliant data stored throughout network drives and SharePoint. To help assess and overcome this challenge, AvePoint took steps to help the customer conduct a data discovery exercise, build a data classification schema, and ultimately improve compliance. APIA was a critical part of that process.
Understand your “As-Is” Environment
With APIA, the organization was able to easily survey relevant stakeholders across the business about the how they work with sensitive data on a daily basis. APIA automated the distribution of questions and collection of information while enabling the company to use its own authentication controls for the impact assessment – simplifying the entire process for all involved.
Take Action with Results from APIA
After the survey period, AvePoint reported on responses using data exported from APIA and gave business leaders insight into “a day in the life of their business users”. The results helped them understand how different individuals across different departments and business units collected, worked with, shared, stored and accessed sensitive data, on an every day basis, as well as how much they knew about organizational information security policies. With this in mind, AvePoint conducted workshops to dive into the results, show trends, and identify where controls needed to be placed within SharePoint, network drives, and line of business (LOB) applications.
Implement a Compliance Solution
The customer then implemented Compliance Guardian, AvePoint’s comprehensive compliance management solution for data discovery, data classification, data loss prevention (DLP), and incident management. Compliance Guardian allows the organization’s data protection professionals to create data classification schemas, automatically tag new and existing files, and ultimately take action on sensitive content to enforce compliance across its enterprise collaboration systems.
Thanks to APIA, the customer can run periodic health checks that demonstrate progress made since the initial assessment – information that will be useful for the organization’s data protection professionals in case of an audit. The organization is now empowered with a solid data protection strategy and an understanding of where sensitive data lives within its IT systems – which means reduced risk for the company as well as better peace of mind for data protection officers.
Download APIA for Free Today
More than 2,500 practitioners across 64 industries and 85 countries are using APIA today. To begin analyzing your own system privacy risk, download APIA for free from the IAPP website.