Next DLP ("Next")
announced a new ‘Scoped Investigations' capability in the Reveal
platform that protects privacy by time bounding and restricting access
to employee activity to only investigators with an approved and
legitimate need to access it. A complementary pseudonymization feature
redacts personally identifiable information ("PII") so that security
professionals can investigate potential incidents without seeing
employee details. This prevents bias and protects employee privacy while
permitting security professionals to get their jobs done.
"Organizations now know their employee experience, or EX, directly
influences the quality of their customer experience," said Constance
Stack, Chief Executive Officer of Next. "Employees have expectations of
privacy, employers have risk to manage, and privacy and labor laws are
non-negotiable. Scoped Investigations enables organizations to improve
their EX, respect employee privacy and still secure their business."
Scoped Investigations empower organizations to meet employee privacy
expectations and comply with information security regulations by
limiting the information accessible to security analysts for forensic
analysis by default. Scoped Investigations grants time-bound, revocable,
and audited data access to allow comprehensive investigations by
authorized personnel only.
"It's imperative that security teams tightly control access to security
systems. This reduces the risk of unauthorized access, misuse of data
and breaches." said John Stringer, Head of Product at Next. "Scoped
Investigations enables insider risk and data security teams to rapidly
carry out forensic investigations into high risk activity via a robust
and audited authorisation workflow. It adds to existing Reveal platform
data privacy capabilities like pseudonymization of employee details
during the incident triage process."
This new capability helps internal auditors and data protection officers
(DPOs) prevent unnecessary exposure or mishandling of sensitive
employee data by enforcing the ‘need to know' and ‘least privilege'
principles. Additionally, Reveal APIs enable customers to seamlessly
integrate with existing identity based authorization workflows.
"Safeguarding personal and sensitive data has become a paramount
concern, as the misuse or mishandling of such data can pose significant
risks and repercussions for organizations," said Sara Radicati,
president, and CEO of The Radicati Group. "Scoped Investigations
introduces an innovative way to protect employee privacy while ensuring
effective security investigations of potential incidents. This new
feature exhibits a profound understanding of the importance of balancing
security initiatives with privacy obligations."