Next DLP Scoped Investigations separates employee identity from their behavioral data
Next DLP announced a new ‘Scoped Investigations’ capability in the Reveal platform that protects privacy by time bounding and restricting access to employee activity to only investigators with an approved and legitimate need to access it.
A complementary pseudonymization feature redacts personally identifiable information (“PII”) so that security professionals can investigate potential incidents without seeing employee details. This prevents bias and protects employee privacy while permitting security professionals to get their jobs done.
“Organizations now know their employee experience, or EX, directly influences the quality of their customer experience,” said Constance Stack, CEO of Next. “Employees have expectations of privacy, employers have risk to manage, and privacy and labor laws are non-negotiable. Scoped Investigations enables organizations to improve their EX, respect employee privacy and still secure their business.”
Scoped Investigations empower organizations to meet employee privacy expectations and comply with information security regulations by limiting the information accessible to security analysts for forensic analysis by default. Scoped Investigations grants time-bound, revocable, and audited data access to allow comprehensive investigations by authorized personnel only.
“It’s imperative that security teams tightly control access to security systems. This reduces the risk of unauthorized access, misuse of data and breaches.” said John Stringer, Head of Product at Next. “Scoped Investigations enables insider risk and data security teams to rapidly carry out forensic investigations into high risk activity via a robust and audited authorisation workflow. It adds to existing Reveal platform data privacy capabilities like pseudonymization of employee details during the incident triage process.”
This new capability helps internal auditors and data protection officers (DPOs) prevent unnecessary exposure or mishandling of sensitive employee data by enforcing the ‘need to know’ and ‘least privilege’ principles. Additionally, Reveal APIs enable customers to seamlessly integrate with existing identity based authorization workflows.
“Safeguarding personal and sensitive data has become a paramount concern, as the misuse or mishandling of such data can pose significant risks and repercussions for organizations,” said Sara Radicati CEO of The Radicati Group. “Scoped Investigations introduces an innovative way to protect employee privacy while ensuring effective security investigations of potential incidents. This new feature exhibits a profound understanding of the importance of balancing security initiatives with privacy obligations.”