IT-security and a flexible GDPR solution is placed high on the agenda at Vordingborg Kommune, and the public sector in general – meet OS2datascanner.
Magenta offers an innovative and effective solution to this GDPR challenge of securing sensitive personal data. In collaboration with OS2 and Vordingborg Kommune, Magenta has developed a simple and flexible solution that is an effective cure for the lack of security of sensitive personal data.
Vordingborg Kommune’s active participation in the process of product developing OS2datascanner means that the solution is tailored to the municipality’s specific needs in terms of GDPR compliance and other challenges. There is developed a tailored, simple, and effective tool to ensure that the citizen’s sensitive personal data does not end up in the wrong places.
OS2datascanner Locates Sensitive Personal Data Across the Organization
OS2datascanner scans websites, intranet, online drives, and Exchange mail servers to make sure that sensitive data does not appear, such as:
- CPR numbers
- Health terms
- Credit card numbers
- Email addresses
The possibilities reach even further. With OS2datascanner you can create and combine search strings for your specific needs. You can create search strings and combine them exactly the way that you want, so that you are able to tailor your scans.
A Common Municipal Challenge Turned Into An Innovative Development Project
The first version of OS2datascanner was developed in 2014 for scanning websites, OS2Webscanner.
With the EU Personal Data Regulation, which entered into force in May 2018, a desire arose to expand OS2Webscanner with file and e-mail scans. The country’s municipalities have a common interest in ensuring that citizens’ sensitive personal data is effectively secured, and the OS2 community took up the challenge.
During the software development process, Vordingborg Kommune has been functioning as a so-called ‘test municipality’ for a period of six months.
In the fall 2018, OS2Webscanner was expanded with file- and mail scan. Additionally, the name was changed to OS2datascanner.
OS2datascanner – Flexible & Future-Proof GDPR Solution
OS2datascanner is an advanced scanning tool that locates person-critical data person identifiable information on websites, intranet, online drives and Exchange mail servers. OS2 data scanner consists of three modules, which can be freely selected and deselected as needed for scanning solutions.
OS2datascanner Has Three Modules
OS2datascanner consist of three modules, each with its own unique purpose:
- Web-scanning: finds critical data on websites and intranet
- File-scanning: finds critical data on online drives
- Mail-scanning: finds critical data on Exchange and Office 365 mail servers
Web-scanning is delivered as a cloud-solution. No sensitive data is stored at the supplier, Magenta. Instead, a report with references to the data is produced. File-scanning and mail-scanning is set up on your own server. Thereby, the scans are protected by the same security-level as the rest of your organization, ensuring that the data remains secure.
OS2datascanner provides a full overview of where personal data is stored. In the web-scanner module, a reference to where the data can be found is saved, and at Magenta, web-scanning is delivered as a cloud-solution.
The file- and mail-scanning module is set up on the municipality’s own servers. This comes with the benefit that the scans are protected at the same security-level as the rest of the municipality’s organization.
This flexible modular construction makes OS2datascanner a complete GDPR-solution which can be tailored to new needs, and the future jurisdictions on the field.
Office 365-Scanning & Other Expansions
Over the summer of 2019, Office 365-scanning has been added to OS2datascanner. Thereby, e-mails and attached files can be scanned directly in the Cloud.
Additionally, Magenta launched a new version of OS2datascanner in the fall of 2019. The new version can scan in the ESDH system and has more integrational-tools, such as the Employee-Organization component, OS2gir.
Currently, we are working on integrating OS2datascanner with OS GIR, so that scanning-reports can be directed to the relevant employee in the organization.
OS2gir is OS2’s Employee & Organization system which keeps track of all aspects of the organization.
Work is being done on the possibility of creating a notion database, where you can choose notions that you want to scan for. This could e.g. be health terms.
Additionally, we are looking into the possibility of scanning SBSYS.
- Secure scan of sensitive personal data
- Flexible GDPR-solution in modules, according to scanning needs
- Long-term GDPR-solution which continuously is developed according to demand and jurisdiction