GDPR - PII audit

There are four main areas in which Wavex assist their clients - in discovering what you already have, in helping you respond appropriately to requests, in providing a good degree of accountability and in protecting you from risks.

Discovery

With regard to GDPR, Wavex has developed a server application that can automatically find your user-identifiable data across all your servers. This analyses all you files of various file types and documents stored in SharePoint. The collected data, often tens of thousands of files, is then placed within a Business Intelligence tool to provide dynamic analysis.
The typical questions you are then able to answer are:

This information provides a good indication of the work involved in meeting your regulatory obligations.

Response

The next challenge is ensuring you have built the appropriate processes to handle various user requests - access requests, right to be forgotten. Wavex build these processes onto their APEX® platform providing a convenient way of capturing the request and ensuring the correct activities are performed within the appropriate timeframe.

Accountability

Ensuring you remain compliant is important however the work to achieve this can be challenging. Each part of your business needs to answer a range of questions at semi-regular intervals (called attestations). As part of our fully managed IT service, clients get access to our APEX® platform automates this entire process; seeking answers from different departments and pulling this together to form your compliance dashboard.

Furthermore, reports can be automatically delivered to you on specified days outlining your level of compliance and any possible risks.

Protection

As part of GDPR it is vital that you have taken reasonable steps to protect your data. Wavex can provide a range of solutions and services to help you achieve a good degree of protection. These solutions range from end-point protection to proactive security assessments; all designed to minimise the risk of experiencing a data breach.

Clients also have access to our benign-phishing solution (also on APEX) which provides you an overview of who within your organisation may require additional cyber-risk training.