Classify360 By Congruity360 - A Solution for Complete Data Governance

Brooke Kumnick, Congruity360

Newly introduced to the data management solutions market, Classify360 addresses and manages the entire data governance lifecycle for enterprises with multi-petabyte data footprints comprised of legacy and new data sets. Implementing such a software allows organizations to reduce the risk of data breaches, maintain reputation, and avoid financial implications.

Classify360 has key functionality differentiators as well as customer differentiators. Classify360 obtains customizable workflows that address the needs of all departments, allowing cross-functional collaboration and efficiency across the complete organization. In addition, legacy and new hardware and cloud applications are supported, with multi-petabyte environments processed in days – not months. Data stewards manage workflows collaboratively across the organization via a management portal displaying a queue of flagged risk files that qualify for review. This ongoing, actionable data intelligence informs real-time data insight that empowers strategic, profitable business decisions.

Other key features of Classify360 include the ability to view the entire infrastructure stack at a content-level, keeping the software application and repository agnostic. Classify360 is also cloud agnostic, interfacing with AWS, Azure, GCP, private, and hybrid cloud solutions. Data is never moved beyond the firewall due to in-place management. Automated action also helps organizations to apply retention policies to and enforce industry and business regulations within future datasets. With Classify360, optimization across technological platforms such as DLP, eDiscovery, archiving tools is made possible.

The Proof is in the Classification

A recent customer came to Congruity360 after suffering a substantial data breach that leaked both current and previous patients’ personal and medical information. The customer sought assistance to further their information governance and data security capabilities.

The Challenge

At the inception of the project, one governing assumption was Customer’s production data footprint was approximately 4 petabytes (PB) in 13 unstructured and 78 structured environments. The varied data locations included three legacy Isilon storage systems, SharePoint housed on an on-prem server, SQL database, and data in Microsoft Office365 and Microsoft Exchange. These 4 PB did not include lower environments used for User Acceptance Testing (UAT) and development. Data stakeholders existed across the legal, data security, and data governance departments. These disparate teams struggled to manage the organization’s substantial data as a collaborative unit. Customer sought to classify all data, perform disposition of non-compliant data, and properly store and archive all data per regulatory and business requirements. Future data storage could include cloud (e.g., Microsoft Azure), private hosting, and Air Gap (archival off network). Initially, Customer chose to focus on classifying and migrating data from the legacy Isilon systems.

The Solution

Congruity360 proposed deploying Classify360, a data governance and rapid classification platform, to perform the classification of all data along with other information governance requirements. Congruity360 recommended a phased approach for implementing a full information governance program. The first phase required unstructured data auto-classification then would lead into the second phase which would be a full information governance implementation, and finally research and development information source.

Completely Classified

Customer’s large-scale, ongoing deployment of Classify360 has already resulted in a myriad of benefits including:

- 1.46 billion Isilon documents and 80 million Exchange documents (in a matter of weeks, not months) and 250,000+ Microsoft O365 and SharePoint documents (this portion of classification is in its infancy) have been processed to date

- Cross-departmental collaboration and data management is now possible, allowing true data governance to occur across the organization

- Hyper-specific workflows ensure compliance is maintained with both legacy and newly created data with minimal manual effort

- ROT data has been moved out to cheaper storage in the cloud, saving money and operational overhead; data older than 5 years with no business value yet protected by regulations is automatically pushed to archive storage

- Customer not only took steps to fulfill its court-ordered financial obligation by investing in Classify360, but also implemented a platform providing ongoing governance and risk mitigation to reduce the impact of future breaches and provide ancillary cost savings organization-wide

At a time when it’s not a question of “if” but, rather, “when” an enterprise’s next data breach will occur, the customer is at peace knowing its highly regulated and risky data is protected with the utmost security and caution. Healthy, ongoing retention policies have been put into place with automated workflows, monitored by a team of cross-functional data stakeholders. The customer is now using its breach experience to educate its peers within its healthcare network, sharing the tactics and solutions that have enabled them to come out of a critically difficult situation fully prepared for future success.