As organizations globally address GDPR merely as a compliance regulation, Exate Technology is a data security company that focuses on helping its clients to develop an overall data strategy to constantly meet the ever changing data privacy requirements. Exate, with its purpose-built GDPR solution, helps organizations to stay compliant with GDPR and also, control cross-border data movement. “Founded by experienced specialists from the highly regulated banking industry, Exate has created what a client recently described as ‘magic,’” says Peter J. Lancos, co-founder, and CEO of Exate. Although GDPR was formulated to control how data is used, stored, and transferred to and from the European Union (EU), it was also created to restore trust around data privacy. This is where Exate helps its clients.
One of the major misconceptions about GDPR is that it restricts work efficiency because of the need to protect data at rest, in transit, and in memory. Addressing this challenge, Exate provides a key management system that grants data access to both authorized and eligible users. The access is logged, and after task completion, the data returns to a pseudonymised state. Exate has the unique ability to provide the rules around data access at three different levels—cross-border rules, internal compliance policy and the rights of data subjects, including consent and Right to be Forgotten.
Exate offers clients a simple and future-proofed data strategy to address GDPR, cross border data transfers, and Brexit
In addition to GDPR, Exate understands the challenges that Brexit will cause. Whereas transfers between the UK and the EU are not currently considered to be cross border, this will potentially change in the post-Brexit world. “Exate offers clients a ready-made Brexit solution by allowing firms to use technology to enforce data policy,” says Sonal Rattan, co-founder, and CTO at Exate.
The company’s solution is valued by its clients due to the ease and flexibility of its implementation. Exate allows firms to implement solutions at their own pace. One sensitive attribute of a single data subject can be protected; based on the outcomes, this can expand to either increase attributes of the same person, or add more people from the same attribute. Unreliable data quality is not a problem, as the Exate solution can legislate for this.
Exate supports customers with client-side solutions to protect the desktop, as well as server-side solutions to protect data flowing through APIs. As part of GDPR compliance, Exate assists its clients with the control of internal information flow between different divisions of an organization. Also, Exate is playing a vital role in helping clients take calculated decisions pertaining to the use of third-party cloud applications, and in adhering to the controller-processor relationship requirement of GDPR. The technology used by Exate not only applies to GDPR but also for data privacy regulation from other nations, such as China Cybersecurity Law, PDPA in Singapore and the like.
Going forward, Exate aims to leverage artificial intelligence (AI) and machine learning, coupled with their attribute-level encryption of text, to protect sensitive data in documents. Exate’s solution complements the currently existing solutions provided by Microsoft, making it possible for the users to protect specific attributes within documents, in addition, to remotely granting and revoking access.