Saga specialises in products and services for life after 50, including insurance, holidays and its best-selling magazine. The company prides itself on customer service, and this commitment extends to keeping customer data secure, which is why it is using DocAuthority tools to ensure the highest protection for sensitive data. “Saga is extremely serious about data security. It is very important to our customer base, which is inquisitive about data security,” says Paul Clements, Chief Information Security Officer at Saga. A key part of Saga’s brand value is focused on protecting data assets, and to support that, the company decided to use DocAuthority as part of its IT security roadmap. Saga had a good understanding of the flow of structured data throughout the organisation, but struggled with unstructured data. Now that gap has been closed and extra protection is in place to ensure data is deleted when required, and the risk of data leaking outside the organisation has been reduced. Previously, e-discovery tools had proved ineffective, taking too much effort and time to manage. Now, with DocAuthority’s automated data loss prevention technology, which makes use of artificial intelligence (AI), Saga can identify and categorise data according to its business functionality. This enables the firm to define policies for different types of data and apply data protection appropriate to business categories. “Saga is incredibly diverse, and the old e-discovery solution was not flexible enough to meet our demands. DocAuthority enables us to identify and report in a very visual way so we can work with the business, focus on critical assets and ensure we have nailed data retention policy,” says Clements.
The software allows critical data assets to be identified and ring-fenced with more protection provided around those assets. By tagging documents with the relevant label, they can be policed properly as decisions are based on the labels put on the documents. The business is dedicated to IT security as a core brand value, and although business users are educated in proper records management, Saga can police the environment and prevent damaging data leaks. Clements says treating data as a problem that only affects IT is a misperception. “Records management is an ongoing journey. “Subject access requests can be more easily met.” Using DocAuthority has enabled conversations with the business so each department understands what assets they are managing and using,” he says. Sensitive data can be easily aligned with data loss prevention rules, and knowing where data is – unstructured as well as structured – means subject access requests can be more easily met. Clements says data protection programmes are always a work in progress, but he is now able to demonstrate risk reduction to the management team.
Subscribe to our newsletter.