Know your data

Take a proactive approach to preventing Data Breaches

We can help you take a proactive and technology-driven approach to preventing exposure of sensitive or personal information all while enhancing your organisation’s overall compliance with privacy legislation: current and expected. We can even scan your network for at-risk information.

Privacy Management Evolved

A technological approach

We take a digitised and fully automated approach to ensuring your are compliant with the Australian Privacy Principles, no exorbitant fees for spending hundreds of man hours cleaning or cataloguing data. Rather, we can recommend a modern technology system that integrates with your existing infrastructure and allows you to efficiently transition to best practice.

Effortless Compliance with APP 1

The Office of the Australian Information Commissioner (OAIC) and other regulators are increasingly looking for organisations that embrace transparent and auditable privacy management. If required, we can create or enhance documentation to reflect your integrated technology systems and the data flows within your organisation.

Easily Manage Retention/Deletion

Excessive data which should not have been retained or collected creates significant cyber risk. It’s a complex problem that we aim to solve by ensuring technologically auditable data flows and processes that automatically flag out of date data for deletion. Using this approach you can effortlessly reduce the amount of data held down to levels compliant with the Privacy Act.

Know your Cyber Attack Surface

While all efforts to prevent data exposure should be pursued, full preparedness means being able to easily identify what individuals may have been impacted given any particular data exposure. With a fully implemented privacy management system, you know who’s information is stored where at all times, meaning the risks of any given intrusion vector are known in advance.

Introducing the Customer Data Platform (CDP)

Think of it as middleware that keeps track of your data, the Customer Data Platform (CDP) is software that provides audit and management capability of customer data as it is being collected and moved throughout your organisation.

How it works

CDP works by having integrations into collected data points, and then controlling what software applications that data is sent to, or limiting the amount of data that may be sent.

Why use a CDP Platform?

Organisations that have a correctly implemented CDP can audit where Personally Identifiable Information (PII) has moved, been collected or used, as well as proactively enforce data retention policies.

Can it reduce my cyber risk?

If an organisation with a CDP experiences a cyber security incident, they will be able to quickly and efficiently identify individuals that might be affected, significantly reducing the costs of responding and the risks of misuse of the information.

Learn more about CDP

Services that stop data breaches

Artificer can implement a system to create transparent and auditable data flows of Personally Identifiable or Sensitive Information. We can also scan your existing systems to ensure that loose information outside of the system is removed from possible exposure. For more information on either service, see the below.

Setup a Customer Data Platform

Setup a modern and sophisticated PII and sensitive information management system for your organisation.

Scan for at-Risk Data

Scan your organisation’s network for misplaced personal information to enforce your data retention policies.

Customer Data Platform

Learn how a Customer Data Platform (CDP) can help you achieve a new level of control over your organisation’s data.

Originally built to maximise the commercial potential of data, CDP platforms have matured to include powerful data governance features.

Implement a modern data governance system

The opportunity to implement a Customer Data Platform is one to embrace a new level of control and compliance with data security, protection and management obligations. Read on below to get a snapshot of the advantages of a successful implementation.

Unify your sources of data collection

CDP is a system that can create a unified data flow from all your digital collection sources. This means that before any sensitive or personal data is stored on your network, you have programmatic control over where the data is stored, whether it’s de-identified and how its handled by each department or system in your organisation.

This means you have a toolkit available to you to programmatically mirror your data collection and privacy policies that can manage all collection of customer data centrally.

Store your data where you know it’s safe

CDP systems are not typically designed to store data themselves, instead the system will allow you to choose to store your data in a dedicated data warehouse where you can choose the level of security controls. The data can then be pulled from the warehouse, transformed in the CDP and pushed to the various places in your organisation where it needs to be used.

There are numerous advantages to taking this approach; push only the data that you need to use to where it’s needed, and even de-identify, hash or prevent access to certain parts of your organisation as required by your privacy policy.

Respond easily to subject access or deletion requests

Data subject access or deletion requests are becoming ever more common as consumers learn of the dangers of leaving their data where it’s no longer needed. When you have an implemented CDP with a data warehouse, you easily and programmatically wipe all traces of the data subject using just the data platform. No need to go through to each department and ensure that their systems have removed the data subject.

It’s a similarly streamlined process for access requests. Because the data warehouse managed by the CDP will have the master record of the data subject, you can easily extract it for the data subject, knowing that any other records that exist within the organisation will be a subset of that record. This means you don’t have to check that one part of your organisation has data on that individual that you don’t know about. It’s quick, easy and managed from one place.

Vendor-agnostic approach, always

We’re true consultants and advisors, so while we’re familiar with the market leading CDP applications, we don’t take a view about which is better overall at any given point in time. If we familiarise ourselves with your requirements, we can take a view about which would suit your goals better, and therefore recommend one of the platforms. It’s really a question of marrying the right tool to the right job, and we’re here to help you do that.

Scan for At-Risk Data

Learn how Artificer can help your organisation clean up unused data that may be at risk of breach in any data incident.

We can use automated scanning techniques to ensure that PII is only being stored in your secured data silos, eliminating all other at-risk data.

Prevent data breaches before they occur

A scan for at-risk data in your organisation’s network is a critical step to reduce your exposure levels to a data breach. Artificer has developed a process to increase organisations’ compliance with Australian Privacy Principle 11.2. The principle is sometimes referred to as the ‘retention’ principle which requires organisations to destroy or de-identify information that is no longer needed.

Use automated tools to simulate attack

Just like a real intruder in your network might, we can use automated tools to map and scan your network for outlying sources of Personally Identifiable Information (PII). Once completed, we can build a consolidated picture of any PII that we find and report back to you.

This information is essential for identifying where clean-up and consolidation of the information can happen. It can significantly reduce the risk of reportable data breaches by ensuring that information only exists in controlled systems where you are able to proactively manage data security and your retention obligations.

Map out all of your data silos

A key part the scanning process is mapping your entire network, involving the assistance of your IT experts where appropriate. This gives you a wholistic view of where data resides and allows you to ensure that all sensitive data is subjected to the level of risk controlled by you. Where it is found that you are storing sensitive data without the desired security controls, you can take steps to add additional security layers, or reduce the level of data stored in that silo.

Executive-level reporting, written in plain English

At the conclusion of the scan, Artificer will provide a report written in plain English, digestible by executives, explaining the level of loose PII we found in your organisation’s network. We can offer practical recommendations on what data to delete, leveraging our expertise as privacy lawyers and technologists.

Let’s talk

Get started quickly

Need urgent action on a project? We can pull together an action plan quickly using our digital-first approach to scoping and quoting. No waiting on project managers to construct an elaborate Gantt Chart – just quick answers.

Free and fast pricing information

Once we’ve agreed to help, we deliver an online Statement of Work which contains a quick summary about what work we’re proposing and our estimates. Don’t sign anything until you see our estimate, we make it so easy to compare.

Ask us anything

Need more info to get started? Feel free to drop in a videoconference or booking link into the form and we’ll answer any questions you have.

Your submission will be handled in accordance with Artificer’s Privacy Policy, which you acknowledge by making the submission.