By adding meta data such as project numbers or customer names to documents you can safely store and retrieve all documents and e-mails in Teams, SharePoint and OneDrive. This can be done easily by making a link from Docubird to Microsoft CRM, Exact or other databases with project, client or supplier information. Docubird will, whether mandatory or not, offer the possibility to add the right meta data from the linked databases to the documents. In this way you prevent contamination of metadata and retrieval and security become simple.
The main areas for meta data are:
- Data retention
- Records Management
- Data Loss Prevention (DLP)
- eDiscovery
- PII and Privacy Classification
What is data retention?
Data retention policies are a set of rules that describe what data is stored and for how long. Data retention policies are a part of data governance, which encompasses all aspects of data management, including, for example, access (rights) to the data.
In essence, it is about the following points:
- Which data (documents and e-mail)?
- Who manages the data (documents and email)?
- What is the retention period for documents and e-mail?
- Are there any legal requirements?
What is Records Management?
Records Management can be translated as archive management. It includes all documents (and possibly multimedia files) that are archived within a company. In an IT context, the term usually refers to a digital way of archiving using a DMS such as SharePoint, Teams and OneDrive.
What is Data Loss Prevention (DLP)?
Data loss prevention is the practice of detecting and preventing data breaches, exfiltration (leaks) or accidental destruction of sensitive data. Organisations use DLP to protect and secure their data and comply with regulations.
What is eDiscovery?
eDiscovery is a process - for example, in response to a request from a regulator, a request for access or a legal dispute - in which enormous amounts of information must be searched, structured and presented in a short period of time. This must be done responsibly and transparently so that all parties involved can use the results of that investigation.
Detecting personally identifiable information (PII) with Azure AI via Docubird
To comply with GDPR guidelines, organizations are required to protect sensitive information and prevent it from unintentional disclosure. Docubird uses Azure Cognitive Search to detect and appropriately classify this sensitive information.
What is personally identifiable information?
Personally Identifiable Information (PII) is any information that can be used to identify a person, such as names, driver's licence numbers, SSNs, bank account numbers, passport numbers, email addresses and more. Regulations such as GDPR require strict protection of user privacy.
Detecting PII with Azure Cognitive Search
Docubird uses Azure Cognitive Search to detect PII. Azure Cognitive Search is a cloud solution that provides Docubird developers with APIs and utilities for adding a comprehensive search experience to their data, content and applications. Cognitive Search allows you to add cognitive skills to apply AI processes during indexing. Doing so can add new information and structures that are useful for search and other scenarios.
The AzurePII Detection skilldetects personally identifiable information from a document and allows you to classify it in different ways This skill uses the machine learning models provided by Text Analytics in Cognitive Services.
If a document in SharePoint, Teams or OneDrive is requested via Docubird, it is scanned for PII by Azure Cognitive Search. Based on the information found, it is categorised according to the following classification scheme:
- Highly confidential: Share the most critical data only with named recipients.
- Confidential: Limited distribution, on a need-to-know basis.
- General: Daily work, internal sharing throughout the organization.
- Public: Unlimited and sharing with the outside world is possible.
The classifications 'Highly Confidential' and 'Confidential' can be automatically added to the documents. If PII Detection is not conclusive, then the document can be classified via a Privacy Officer. This can be done automatically via Microsoft Power Automate.
Want to know more? Schedule a demo to discuss the possibilities for your company.
