A large cloud-based SaaS provider grew by multiple acquisitions. This resulted in geographically dispersed databases and applications with personal identifiable information (PII) across various departments and groups within the company. The company had challenges around data privacy, access, and possible security incidents. The company also needed to be GDPR compliant.
Anglepoint identified all the data sources which had PII, determined who has access to the data, how data flows, and data classification. Based on business needs, Anglepoint confirmed if access was appropriate and identified gaps and other risks. Anglepoint also helped the company with the remediation of identified gaps.
Anglepoint identified and helped implement 110 additional controls in areas of access, data classification, threat, and patch management. Anglepoint also designed and implemented security and incident reporting policies and procedures and helped the company to become GDPR ready.