By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
DenyAccept

Introducing Policy Maker – Automate Data Governance and Loss Prevention

Product

by 
Elizabeth Nammour
February 6, 2025

Teleskope has always had one mission – to give teams the tooling they need to protect their data by default, no matter what it contains or where it lives. With the release of Teleskope’s expanded Policy Maker, we’re one step closer to realizing this vision. 

With our new and improved Policy Maker, you can create, monitor and enforce data governance and loss prevention from one central place, letting you: 

  • Streamline policy enforcement with automated redaction, data deletion, and access control – across both third-party apps and internal data stores
  • Apply blanket policies across your environment, or choose from a wide range of policy triggers and filters to address highly targeted use cases
  • View, monitor, and approve enforcement actions in real-time

Protecting PII in Google Workspace

Say you’ve integrated Teleskope with your company’s Google Workspace account. Upon integrating, Teleskope will instantly begin to crawl, scan and classify all the data stored in personal or shared drives, surfacing our classifications in the Data Catalog. As the catalog populates, a concerning trend emerges – there are thousands of files containing customer PII that are shared with users outside of your organization. Enter Policy Maker

Creating a Policy

Create a policy

Creating a new policy in Teleskope has never been easier. Our intuitive policy builder walks through the process from creating a trigger to adding conditions and selecting the desired actions. Combine as few or as many conditions as you need to apply policies across your enterprise, or target data in a certain location to address specific concerns.

Addressing your Google Workspace issue just takes a few clicks:

  • First, create a policy trigger for any PII that’s detected in Google Drive. 
  • Next, add conditions to only trigger the policy on files that are shared with external users.
  • Consider any additional filters, like limiting the policy to certain types of PII, certain Drives, or to only include files that have not been edited in the last six months.
  • Lastly, choose actions you’d like Teleskope to take when a violation is detected. You can trigger alerts in Slack, automatically create Jira tickets, revoke permissions instantly, redact the sensitive data elements, or temporarily quarantine the file while it is under investigation. 

Your new policy will immediately begin finding and addressing any past violations, and will continually detect new violations in real time. 

Monitor Violations

Violations Page

Easily monitor policy violations with our new Violations page. Review emergent security risks across all active policies, or for a specific policy. Teleskope automatically assigns a severity based on what data elements we detected, and shows what action, if any, has been taken to resolve that violation.

Investigate Violations

Investigate in Violation Manager

Worried about fully automating policy enforcement? Teleskope’s Violation Manager allows for human review of each violation, ensuring highly sensitive data isn’t touched without thorough investigation. 

To address sharing of PII in a Google Drive file, the Violation Manager gives you visibility into exactly what type of PII has been classified, which external users have access to it, and whether they’re using that access. With this added context, you can effectively triage violations and determine what action, if any, is required. Need even more context? Request temporary access to the file in question right from within Teleskope. 

Manage Policies

Policies Page

Lastly, you can view and manage all your policies and your enforcement workflow from a single Policies page. View the number of violations by status, and see how many violations Teleskope has detected, how many actionable violations remain, and how many violations were resolved and ignored.

Policy Maker is now available to all Teleskope customers. Schedule a demo today to learn how Teleskope can streamline policy enforcement across your data landscape.

Introduction

Kyte unlocks the freedom to go places by delivering cars for any trip longer than a rideshare. As part of its goal to re-invent the car rental experience Kyte collects sensitive customer data, including driver’s licenses, delivery and return locations, and payments information. As Kyte continues to expand its customer base and implement new technologies to streamline operations, the challenge of ensuring data security becomes more intricate. Data is distributed across both internal cloud hosting as well as third party systems, making compliance with privacy regulations and data security paramount. Kyte initially attempted to address data labeling and customer data deletion manually, but this quickly became an untenable solution that could not scale with their business. Building such solutions in-house didn’t make sense either, as they would require constant updates to accommodate growing data volumes which would distract their engineers from their primary focus of transforming the rental car experience.

  • list
  • list
  • list
  • list

Continuous Data Discovery and Classification

In order to protect sensitive information, you first need to understand it, so one of Kyte’s primary objectives was to continuously discover and classify their data at scale. To meet this need, Teleskope deployed a single-tenant environment for Kyte, and integrated their third-party saas providers and multiple AWS accounts. Teleskope discovered and crawled Kyte’s entire data footprint, encompassing hundreds of terabytes in their AWS accounts, across a variety of data stores. Teleskope instantly classified Kyte’s entire data footprint, identifying over 100 distinct data entity types across hundreds of thousands of columns and objects. Beyond classifying data entity types, Teleskope also surfaced the data subjects associated with the entities, enabling Kyte to categorize customer, employee, surfer, and business metadata separately. This automated approach ensures that Kyte maintains an up-to-date data map detailing the personal and sensitive data throughout their environment, enabling them to maintain a structured and secure environment.

Securing Data Storage and Infrastructure

Another critical aspect of Kyte’s Teleskope deployment was ensuring the secure storage of data and maintaining proper infrastructure configuration, especially as engineers spun up new instances or made modifications to the underlying infrastructure. While crawling Kyte’s cloud environment, Teleskope conducted continuous analysis of their infrastructure configurations to ensure their data was secure and aligned with various privacy regulations and security frameworks, including CCPA and SOC2. Teleskope helped Kyte identify and fortify unencrypted data stores, correct overly permissive access, and clean up stale data stores that hadn’t been touched in a while. With Teleskope deployed, Kyte’s team will be alerted in real time if one of these issues surfaces again.

End-to-End Automation of Data Subject Rights Requests

Kyte was also focused on streamlining data subject rights (DSR) requests. Whereas their team previously performed this task manually and with workflows and forms, Kyte now uses Teleskope to automate data deletion and access requests across various data sources, including internal data stores like RDS, and their numerous third-party vendors such as Stripe, Rockerbox, Braze, and more. When a new DSR request is received, Teleskope seamlessly maps and identifies the user’s data across internal tables containing personal information, and triggers the necessary access or deletion query for that specific data store. Teleskope also ensures compliance by automatically enforcing the request with third-party vendors, either via API integration or email, in cases where third parties don’t expose an API endpoint.

Conclusion

With Teleskope, Kyte has been able to effectively mitigate risks and ensure compliance with evolving regulations as their data footprint expands. Teleskope reduced operational overhead related to security and compliance by 80%, by automating the manual processes and replacing outdated and ad-hoc scripts. Teleskope allows Kyte’s engineering team to focus on unlocking the freedom to go places through a tech-enabled car rental experience, and helps to build systems and software with a privacy-first mindset. These tangible outcomes allow Kyte to streamline their operations, enhance data security, and focus on building a great, secure product for their customers.

Read more articles
from our blog

Introducing Context Previews - Instantly view the context around data classifications

Introducing Context Previews - Instantly view the context around data classifications

Classification engine identifies personal and sensitive information with unparalleled accuracy, and contextually distinguishes between.

Exploring Data Security with Brandon Jefferson, Director of Information Security at Enpro

Exploring Data Security with Brandon Jefferson, Director of Information Security at Enpro

Classification engine identifies personal and sensitive information with unparalleled accuracy, and contextually distinguishes between.