Elevate your enterprise data technology and strategy at Transform 2021.
The fast-changing nature of today’s data privacy regulatory landscape, as well as the variation between current laws, presents a major challenge for enterprises. Software solutions help, but the additional manual processes associated with data privacy compliance can still be expensive and time-consuming for businesses. A report from Data Grill estimates that managing Data Subject Access Requests (DSAR) manually can cost upwards of $240,000 per million records.
On Wednesday, cybersecurity company Imperva announced a tool, based on its Sonar Platform technology, aimed at helping enterprises better navigate privacy compliance. Called Imperva Data Privacy, the release streamlines the process of identifying where personal data is stored in an environment and who is accessing it, minimizing the manual processes required to maintain continuous compliance.
“Discovery, figuring out how and where the data is, has traditionally been done by spreadsheets and interviewing data custodians or data owners,” David Valovcin, senior director of privacy at Imperva, told VentureBeat. “It’s very manual. And it’s inaccurate because it’s relying on human memory. What this does is automate that process.”
Imperva Data Privacy works with any on-prem, cloud, hybrid, or multi-cloud environment, and existing customers can run the tool on top of the Sonar Platform. It also automatically adjusts for any new or expanded regulations.
Current mandates include that consumers have the right to know what data a company has about them, the right to rectify errors, the right to port personal data, and the right to be forgotten. The California Consumer Privacy Act (CCPA) mandates that any organization that processes data on California residents must comply, affecting most companies. There’s also GDPR, or the General Data Protection Regulation, in Europe. Overall, more than 107 countries have data privacy and protection laws with more likely on the way, including in several U.S. states.
“Organizations are scrambling to figure out how to do this because the laws have been passed, they’re changing, and the definition of personally identifiable information is changing as well,” Valovcin says. “Originally, that was, of course, social security number, but now it’s expanded to include tracking religion, political affiliation, and even IP address.”
As the mandate for data compliance continues to grow, so does the need for advanced security solutions. 2020 was “perhaps the most active year in memory” for cyberattacks, according to a report from cybersecurity company CrowdStrike, which also found that malicious actors increasingly turned to data extortion in their attacks against enterprises. Data protection specialist Acronis declared “2021 will be the year of extortion.” Already, Imperva researchers found that data leakage attacks are up 74% since the beginning of 2021.
The fact that exposures are so common has people wary. In a 2020 survey of 10,0000 adults, around two-thirds said they’re more alarmed about their online privacy than ever before. Among the respondents, almost half said their top concern is their personal information being exposed and compromised by cybercriminals in a data breach.
“It’s going to be a growing problem for all organizations watching data,” Valovcin says. “I think we’re seeing a global trend here in acknowledging that consumers have the rights to their data and need to know how the data is being used.”
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
- networking features, and more