About Client
A well-established Indian pharmaceutical brand with a strong online presence in the US. They offer three distinct brands catering to various healthcare needs.
Client: Ecommerce Company
Region : US
Industry : Hardware and Home Improvement
The Challenge
Customer has outsourced a business process that included financial and other PII data and carried significant risk of data breach.
Customer required a strong data governance and privacy management framework that will not only automate and manage the data governance structures but will also adhere to compliance rules along with integration to their underlying platforms
- Data Breach and Phishing Concerns: Lack of protection measures act as a shield against potential data breaches.
- Low Customer Privacy – PII data security.
- Lack of Transparent Data Practices.
Have Questions ?
The Solution
Iksula, serving the end customer, designed and implemented a framework that can identify potential data security threats, protect personal data with predefined controls that delivers trusted experience and setup real-time incident management and response protocols to remediate risk and compliance issues.
- Mapped CCPA, GDPR Compliance to the existing processes.
- Scoring, Alerts, and reporting with insights: Created Automated Analytics that provides the compliance visibility and gap assessment and scoring.
- Security Controls: Deployed and Mapped Controls to security framework for control logging, gap identification, Implemented security policy that includes whitelisting, firewall security, hardening of systems etc.
- Automated workflows to create, schedule, assign, and track tasks
- Automated Incident Management and Response framework
Business Metric Improvement
Enhanced data privacy and compliance measures by improving several key metrics including Incident response time, data masking techniques, firewall security and data access controls.
- Incident Response Time (IRT): 99% compliance, ensuring faster detection and resolution.
- Data Masking and Access Controls: 100% compliance for physical access and 99.8% for logical access.
- Training Compliance: 100%, ensuring employees are knowledgeable about data privacy policies.
