P2P

74 IG technology delivers further automation by monitoring the contents of data within the organization's landscape. Alerts can be triggered and sent to compliance personnel, based on the occurrence of specific events defined by the data governance platform. Attempts to share sensitive information with unauthorized users can be detected. Transfers of data can be restricted by an IG technology until additional approval is provided by the administrators of the IG solution. Accessing Sensitive Information while Avoiding Delay Delays in the provision of access to information can be costly. Employees need to be able to rely on technologies which rapidly search for required organizational information and provide accurate results. However, data privacy laws and other restrictions to access of the content's attributes may create delays to the user's access to information. Relying on user-rights, search results can provide access to partially redacted information, enabling employees to effectively serve their work functions, without undue delay Managing Business Risk – Compliance / Data Security / Data Privacy / Litigation Readiness Relying on an established IG enforcement team coupled with an accompanying use of technology, can improve organizational efficiency while reducing risk. Protecting the confidentiality of the organization's most sensitive information is a key element of an IG program. Systems used to protect the I.T. environment, providing security to the enterprise by restricting access to users without proper credentials or tokens is a key factor in establishment of IG workflows. The interaction between solutions providing cybersecurity and the other various forms of technology used by internal employees must be considered as an element of an IG plan. Cybersecurity, data security, data privacy, and DLP (Data Loss Prevention) are all interrelated topics which create distinct obligations requiring the use of a variety of solutions. Technologies protecting content attributes from unauthorized access may impact the flow of information to employees, which is something the IG plan must address. Technologies which add protection to "Data-in-Transit" through encryption must also be considered by the terms of an IG program as access to encrypted data for authorized users should be included in the plan. Any technology used by an organization may have an impact on the data lifecycle. It is important to recognize if data has been copied to another system, or if versions of a specific business record may exist in multiple organizational sources. Technologies used to protect data, or restrict access to confidential information, may also have an impact on how data is stored and disposed. Organizations should consider the impact of each internal technology to determine if the use of those solutions remains compliant with the terms of the IG program. In addition, cybersecurity protections must be established for any hardware used within the data center, as well as any software solutions or applications used by employees. Security systems used to protect data privacy, or data security may also alter how or where data is accessed or stored, the resulting impact of these additional forms of technology should be addressed by the IG program. Organizations with streamlined approaches to searching their enterprise data are better positioned to address litigation when it inevitably arises. IG technologies can assist with the custodial collection process for potentially relevant information, integrating directly with eDiscovery processing and analytics technologies which are subsequently utilized during the attorney-review phase of litigation. Organizations can use intelligence they have garnered about their data through IG enforcement, and provide more targeted results when producing electronically stored information for attorney-review. "Any technology used by an organization may have an impact on the data lifecycle."

• Cover