Proof of Concept (PoC) / Trial Data & More’s Compliance Solution

Description of Proof of Concept (PoC) / Trial: prerequisites, ressource, purpose and outcome

mann2

Download as a PDF

Purpose of the PoC

The purpose of this PoC (or Trial) is to grant the customer insight into how well the Data & More solution matches the requirements and business needs.

In the PoC, the customer will receive a demonstration of the solution's privacy classification on real data, hands-on experience with compliance analytics, and a demonstration of how a clean-up flow works for the project participants on their own data.

As part of the PoC, the Data & More will:

Demonstrate capabilities: Show how Compliance Solution can identify and locate non-compliant privacy data
Deliver comprehensive privacy analytics: Provide an overall compliance report with a detailed analysis of the scanned data, age, location type, e.g.
Provide personalized clean-up reports and overview: Send each project participant a cleanup overview showing their own non-compliant privacy data.
Demonstrate the different features of the solution: Demonstrate functionalities like subject access requests and custodian mapping, e.g
Deliver a final PoC privacy data analysis report: The customer will receive a report showing the result of the scanned data source.
Introduction to a best practice organization rollout of privacy clean-up: Based on hundreds of privacy clean-up projects, Data & More introduces how the client may carry out a roll-out with minimal interference for the employees and the compliance team when using the solution.

The activities and deliverables in the PoC will enable the customer to get an insight into the amount of non-compliant privacy data in sample data, the efficiency of the Data & More solution, and how a potential implementation could be carried out.

Prerequisite

Before a PoC can be started, there are two prerequisites:

A signed PoC agreement
A signed Data Processing Agreement

Data & More will send both documents to the customer before starting a PoC.

Furthermore, the Customer must choose a small project team for the PoC:

Put together a PoC project group consisting of 3 or more employees

The data to be scanned must be chosen as well:

Select 10-15 e-mail accounts from Exchange (or the data source that has been agreed to use for the PoC)

The data for the PoC is used for the privacy data analysis. The data should also include the PoC project group’s e-mail accounts, as these can be used when demonstrating the personal clean-up report and overview. If possible, use e-mail accounts from different types of users and e-mail accounts that have been employed for more than a year.

Data & More needs access to the data to scan it. This is taken care of in a meeting with Data & More and a member of the Customer’s IT security team.

PoC activities

The PoC is carried out in 5 quick steps. After the second step, Data & More is able to scan the chosen data.

IT setup

The easiest and best way to test is on e-mail accounts on O365 or, alternatively Exchange on-premise.

Only one meeting with an employee from IT security (with admin rights for mail) is needed. We provide a how-to guide on our support page: https://support.dataandmore.com/en/knowledge/poc-meeting

Once the rights and access have been carried out, the data scanning will start.

PoC Workshop(s)

The workshop introduces the solution and our best practice implementation, standard communication templates, and a walkthrough of our standard clean-up flow, which the project team members will try on their own data.

The workshop(s) include topics that are important for the customer regarding data scanning and clean-up.

Topics in the PoC Compliance Workshop:

Introduction to Data & More Solutions
Privacy classification
Compliance analytics
Exception handling
End-user options walkthrough
Communication templates
Cleanup flow & report
Best practice organizational implementation
Overview of how much data the customer has and in which sources
Review of tasks for the next meeting
Miscellaneous

If another workshop is needed, it will booked at the end of the first workshop.

Personal Clean-up report

The project participants will receive an email with the standard text and a link to their personal clean-up report, which will show all the privacy data found in their email accounts. There will also be a link to a “how-to video.”

The project participants can mark some of their emails with the standard end-user options to test the functionality. No data will be deleted or moved.

Screenshot of the Personal clean-up report:

Screenshot of the analytics dashboard:

PoC Evaluation

At the end of the PoC, the project team can provide feedback and evaluation based on the process, the reports they received, and their overall impression of the solution.

Data & More will present a PoC privacy report of the key findings.

Agenda for PoC Evaluation:

Feedback from the project participants
Overview of the compliance level
Presentation of the PoC privacy reports key findings
Walkthrough of a high-level best practice rollout plan
Q&A, Miscellaneous
Possible next steps

Possible next step

If the customer wishes to continue with a subscription after the PoC period, the setup might be retained so additional data sources can be connected. In this way, the customer can quickly begin the full scanning and proceed with the further organizational rollout and actual data cleanup.

On some occasions, the PoC set-up cannot be used as the operational infrastructure and a new set-up will be needed. Data & More will clarify this with the customer’s IT department.