Extensive data privacy mode
The General Data Protection Regulation implementation has required nearly all organizations to reassess the way they collect and store personal data.
Not only do you have to secure your personal data from outsiders and attackers, you must also make sure that it is only available to insiders in your organization that have a legitimate purpose for processing.
Access management is a particularly useful technique for ensuring access to a given dataset is only granted to specific users. However, managing especially sensitive data requires a more granular approach than access management can easily accommodate.
Covering all your bases can be a difficult task, but we are here to help you along the road of securing your data.
LogPoint’s extensive data privacy mode allows you to be more meticulous about who is allowed to view which data, by hiding particularly delicate information from anyone but those expressly granted clearance. With our tool, you can apply an additional layer of security and take steps to ensure that processing only occurs on a legitimate basis.
Sensitive data such as SSN in medical journals, payment information in audit reports, or confidential email information are types of data that should very rarely be processed by anyone, regardless of role – including even auditors.
Any field that can be used to identify a natural person can be obfuscated in a way where no LogPoint user can view the original data. The user can still run queries, view dashboards and reports but the encrypted field-values will be shown and not the actual data.
To gain access to an encrypted field, the Data Privacy Mode employs a variant of the ‘four-eyes’ principle – a second pair of eyes to authorize a decision. The user looking to view the original data for an obfuscated field will need to request permission from an admin, or ‘granting user’, who will then process the request.
Access to the data field is further restricted to a predefined period of time. The process of decrypting the field and exposing this to a user is fully documented within the product, detailing which user has requested access to which field, who granted access and how long the data has been accessible to the user.
With the Data Privacy Mode, you can
- Obfuscate select data fields in the system by default
- Grant administrative rights to deny or allow access to an obfuscated field, without the admin user viewing the data themselves
- Allow users to request access to an obfuscated field
- Limit access to the field to a predefined time range, after which the data is once again inaccessible to the user
- Document the entire process from request to access
The General Data Protection Regulation (GDPR) affects all companies doing business in the EU. The regulation is designed to improve data privacy by changing the way businesses manage and process personal data.