The European Commission's General Data Protection Regulation (GDPR) deadline has passed, but some companies are still struggling to catch up.
Website visitors in Europe have found that some online services have temporarily barred access until data management and practices are in place, while others which have collected masses of data from consumers unchecked for years are now faced with a challenge -- finding out where this data is, how information is secured, what information is under the GDPR umbrella, and how it can be made compliant.
This challenge is at the heart of a new Software-as-a-Service (SaaS) offering from IBM Security.
The new solution, Guardium Analyzer, was announced on Tuesday and is a SaaS service designed for firms seeking out GDPR-relevant data across their IT environments.
The tool uses a data classification engine and GDPR-based data patterns to find and classify information across the cloud and on-premise databases, before assessing and prioritizing what actions should be taken to secure such data.
Guardium Analyzer is also able to scan databases for known security vulnerabilities and missing security patches which may impact data protection, as well as identify which databases are most likely to be relevant for GDPR audits.
The tool includes a dashboard which automatically updates based on what actions have been taken to ensure GDPR compliance.
"This continual benchmarking is essential to helping companies maintain their compliance and continue to build a stronger data protection programs over time," IBM says.
"While GDPR went into effect May 25, many companies are still very early on their journey to GDPR compliance," said Cindy Compert, CTO of Data Security & Privacy at IBM Security. "Simply getting a handle on all of the personal data that exists is a critical first step, but it's also one of the hardest steps as data is constantly growing, changing, and multiplying."
According to IBM's Chief Privacy Officer and European Data Protection Officer (DPO) Cristina Cabella, GDPR does pose a challenge, but the regulations also present an opportunity for the enterprise.
The executive believes that GDPR requires "more accountability and more transparency" from companies, but these can also act as building blocks for improved customer and vendor relationships, as well as business innovation.