GDPR compliance for cloud data
Personal data in the cloud subject to data residency, sovereignty, and GDPR requirements lives in plain sight in structured data stores and hides in the recesses of log files, account statements, invoices, and other unstructured data inside object storage. With pre-built country-specific data classes and the ability to produce custom composite data classes, discover personally identifiable data across clouds and regions, and apply GDPR-specific data guardrails, Open Raven gives security teams essential visibility and control of regulated data to ensure compliance.
Ensure personal data complies with data residency, sovereignty, and GDPR requirements
Discover types and locations of regulated data
Predefined data classes identify GDPR-regulated data leveraging sophisticated machine learning and pattern matching techniques, and AI-assisted validation to ensure accuracy.
Easily produce reports and alert on data locations, potential data transfers, backup, and protection statuses to satisfy GDPR requirements.
Monitor the protection status of sensitive data with pre-built or customized rules and policies and manage violations using existing workflows to reduce GDPR compliance risks, prevent incidents, and avoid expensive fines.
Discover country-specific personal data types and locations
The Open Raven Data Catalog provides a detailed view of country-specific types of personal data and their locations. Query by specific cloud providers, regions, and country-specific data types such as passport or tax identification numbers, identify data stores with several personal identifiers, or quickly see if country-specific data resides in the correct region and complies with data sovereignty requirements.
Identify high-risk personal data combinations
Composite data classes enable security teams to quickly identify assets containing combinations of data classes that can directly identify an individual using online identifiers such as their name, an identification number, IP addresses, or location data.
Apply GDPR-specific data guardrails
Open Raven provides pre-built rules and policies that when applied automatically determine if the security posture of personal data complies with GDPR requirements or if data subject to data residency and sovereignty requirements is located in cloud regions beyond the intended geographical boundaries. These rules can also be used to prove data resides within the correct geographic boundaries in the event of an audit.
Remediate GDPR compliance issues
Context-rich alerts contain all of the data required for quick resolution: location, data store(s), preview of the data, with deep links to cloud provider consoles for fast, manual remediation as well as one-click integrations to existing workflows including email, or Jira, or with ChatOps processes using Slack.