Checkmark icon

GDPR compliance for cloud data

Personal data in the cloud subject to data residency, sovereignty, and GDPR requirements lives in plain sight in structured data stores and hides in the recesses of log files, account statements, invoices, and other unstructured data inside object storage. With pre-built country-specific data classes and the ability to produce custom composite data classes, discover personally identifiable data across clouds and regions, and apply GDPR-specific data guardrails, Open Raven gives security teams essential visibility and control of regulated data to ensure compliance.
Bele on GDPR logo

Ensure personal data complies with data residency, sovereignty, and GDPR requirements

Answer fundamental GDPR data security compliance questions

Checkmark icon

Discover types and locations of regulated data

Predefined data classes identify GDPR-regulated data leveraging sophisticated machine learning and pattern matching techniques, and AI-assisted validation to ensure accuracy.
Checkmark icon

Demonstrate compliance

Easily produce reports and alert on data locations, potential data transfers, backup, and protection statuses to satisfy GDPR requirements.
Checkmark icon

Monitor compliance

Monitor the protection status of sensitive data with pre-built or customized rules and policies and manage violations using existing workflows to reduce GDPR compliance risks, prevent incidents, and avoid expensive fines.
Location icon

Discover country-specific personal data types and locations

The Open Raven Data Catalog provides a detailed view of country-specific types of personal data and their locations. Query by specific cloud providers, regions, and country-specific data types such as passport or tax identification numbers, identify data stores with several personal identifiers, or quickly see if country-specific data resides in the correct region and complies with data sovereignty requirements.
List of assets with 'Show Personal Data by Country in AWS and GCP' written above
Composite data icon

Identify high-risk personal data combinations

Composite data classes enable security teams to quickly identify assets containing combinations of data classes that can directly identify an individual using online identifiers such as their name, an identification number, IP addresses, or location data.
Panel to create a new composite data class with different conditions and combinations of data classes listed
Square with half dotted line and half sold, icon

Apply GDPR-specific data guardrails

Open Raven provides pre-built rules and policies that when applied automatically determine if the security posture of personal data complies with GDPR requirements or if data subject to data residency and sovereignty requirements is located in cloud regions beyond the intended geographical boundaries. These rules can also be used to prove data resides within the correct geographic boundaries in the event of an audit.
Data store and storage bucket connected to Open Raven. German data potentially liable to GDPR and Regional data storage best practices policy are in violation
Alert, triangle icon

Remediate GDPR compliance issues

Context-rich alerts contain all of the data required for quick resolution: location, data store(s), preview of the data, with deep links to cloud provider consoles for fast, manual remediation as well as one-click integrations to existing workflows including email, or Jira, or with ChatOps processes using Slack.
Datastore connected to a Slack channel with messages from Open Raven about violations