Between benefit and protectionhttps://appnavi.eu/wp-content/uploads/2022/08/AppNavi_News_Product_Data_Protection_EN.jpg19201080Daniel BecksteinDaniel Becksteinhttps://appnavi.eu/wp-content/plugins/ultimate-member/assets/img/default_avatar.jpg
As part of digitization efforts and the implementation of digital transformation, companies find themselves facing new and, above all, contradictory challenges.
On the one hand, IT wants to protect its own infrastructure externally through IT security. Which will be further complicated as remote and new-work become more established and corporate networks become more dynamic.
On the other hand, data protection officers want to hide sensitive personal data from prying eyes, at the latest with the entry into force of the GDPR, and also guard against access by external parties. This is no easy task if digital tools are to promote collaboration and exchange within and outside one’s own organization.
It is therefore no wonder that studies (Telekom: Digitalization Index, April 2022) show that these topics – IT security and data protection – continue to occupy the top spots among the annual goals of German companies.
The balancing act between benefit and protection
So there are massive contradictions between the desires for digitization implementation and the department’s own agendas. The focus is currently still on the Herculean task of making digitization a success, because the benefits of digital transformation are obvious. Nevertheless, the dangers hover over the projects like a sword of Damocles.
So how do you master the gap between the benefits of digitization measures and the protection of data and your own infrastructure?
When selecting digital tools, it is advisable to pay close attention to the issues mentioned at the beginning. As great as the possibilities of software often are, three elements are particularly important for getting the green light from IT and data protection officers:
The General Data Protection Regulation has been in force throughout the EU since 25 May 2018. The core of the regulation is the protection of so-called personal data. Various principles, procedures and concepts are designed to ensure that names, e-mail addresses and other information that can identify individuals (especially EU citizens) do not fall into the wrong hands.
Therefore, make sure that the servers of cloud software or software-as-a-service (SaaS) products, for example, are located within the EU and check how data is collected, processed and stored within the tool.
Enterprise authentication means that a service or system authenticates a user’s logins into various applications across the enterprise and verifies the information. An interface to such services should not only offer new software, but also digital adoption solutions, because no one wants to have to constantly re-login to different places. This also simplifies user management on the part of IT.
As the term implies, this is about software displaying a certain degree of hardness that has been specified by corporations. This means that tools have already been put through their paces.
However, this is not only interesting for corporations, but also medium-sized and smaller companies benefit from it, after all, applications have already been tested by large organizations on the basis of strict requirements. In addition, you can be sure that an implementation of applications or, in our case, digital adoption platforms will run smoothly.
The AppNavi Data Protection System
At AppNavi we do not only care about data protection, but also about transparency. Therefore, we want to show you how we implement the topic with our Digital Adoption Platform with our Data Protection System.
How is data collected?
Whether during guidance or user behavior mining, data is collected at AppNavi according to a data frugalism principle. That is, sensitive data is filtered out and only data that is truly necessary is used. Users, for example, are not recorded on a personal user account basis or as an ID, but act incognito in the system. Nevertheless, their behavior, usage and interactions can be measured via AppNavi Analytics and in User Behavior Mining.
What data is viewable?
Personal or business-critical data is filtered out and anonymized, i.e. made unrecognizable, using an AI-based approach even before it is entered into the system. This is what we call data cliensing. Sensitive data such as employee names, salaries, bank details and currency amounts remain hidden. Using user behavior mining as an example, you can track the interaction with elements (e.g. filling in a text field) in the report or automatic route (user flow), but not what information was processed – i.e. what was entered and by which individual person.
As far as routes, posts, collections and pins are concerned, it is possible to evaluate in the analysis how often and how well the execution went, but not related to individuals.
Where and how is data processed or stored?
Required log or protocol data is transmitted by AppNavi exclusively encrypted and stored with state-of-the-art security standards within the EU.
Corporate Ready with AppNavi
The digital adoption platform AppNavi has developed and integrated the necessary components of modern IT security and data protection around the strong core technology from the very beginning. This is to ensure that corporate readiness really means it. Not only that AppNavi can be approved with little effort by IT and data protection agencies through this readiness and enterprise authentication, but also that further use remains maintenance-free and simply works.
After all, you want to focus on the core elements of digitization and lead them to success. Therefore, the surrounding should already come out-of-the-box. With AppNavi, this is definitely a given.