Canopius logo - Case Study - Oyster IMS

Shrinking the Haystack with Data Discovery

Oyster IMS delivers a data discovery solution for increased visibility of unstructured data to improve security, efficiency, and compliance, including with the UK General Data Protection Regulation (GDPR)

Overview

Canopius is a global specialty (re)insurer.
One of the top 10 insurers in the Lloyd’s insurance market, Canopius wrote over US$1.5 billion premium across the group in 2019.

Challenge

New insurance legislation was the main driver for Canopius to examine its data storage processes, and it was quickly apparent that both structured and unstructured data needed to be in scope. For Canopius, unstructured data meant anything from PDFs, documents, and spreadsheets, to photos, videos, and custom files. David Francis, Group Data Protection Officer and Head of Information Governance for Canopius, explains further: “In our industry, it’s easy for organisations to adopt a ‘hoarding mentality’ when it comes to data. Companies are reluctant to delete any data that might be useful at some point in the future. However, this has a real impact on storage requirements, and if the information is not indexed it will be hard to find. Plus, data privacy laws mean that data kept beyond a certain timeframe could leave companies open to penalties.

Focus on unstructured data

It is predicted that unstructured data will account for 80 percent of all data created in 2025*. With this in mind, Canopius looked for a data discovery solution to find, cleanse, classify and migrate data – content and metadata – to where it needs to be.

Solution

Canopius was very clear that this was not an issue to be solved by IT and technology in isolation. Francis worked with Oyster IMS’ experienced information governance consultants to devise a business-led programme to identify information owners, gain senior management backing, and create a clear ongoing communication strategy.

This programme was then supported by industry-leading data discovery technology implementing business rules to verify data, identify and remove trivial information, tag data based on content, archive appropriate data and migrate information.

Francis comments on the application: “ControlPoint is completely customizable for teams, or even different individuals. So, depending on the requirements, it will treat their data in a certain way. Once the process was implemented, as we recognize that our business changes all the time, we set up a regular monitor and review schedule to ensure this is not a ‘one-off’ exercise, but becomes second nature to us.

Efficiency benefits: time-to-value

Bringing structure to unstructured data soon started paying dividends. Canopius is an acquisitive company and one of their audits found a ‘lost’ HR area that the current team were not aware of. As HR data is inherently sensitive, it was vital to manage it appropriately. When the team found examples of confidential information saved in a less secure area they could rectify this immediately. With new data coming in from different companies, their data discovery solution can recognize common data formats and define granular policies for different data sets which proved very useful.

Canopius use their data discovery tools to manage eDisclosure requests for litigation: “Locating 2.5TB of relevant information would have taken me at least a month before. With our new data discovery capability from Oyster IMS, I was able to collate information across multiple repositories and respond to the request within a morning.”

Canopius also uses data discovery as an efficient process to support GDPR ‘right of erasure’ requests, conducting searches across all their information silos and returning all instances of the requested data for deletion. Data subject access requests (DSARs) are also managed through their data discovery solution, which hugely streamlines and speeds up the process. According to Francis: “We had already established effective data discovery processes when GDPR came into force. It really put us ahead of the game as we had done the groundwork and were already applying GDPR principles to our data.”

Results

Canopius has so far deleted over 4.3 million files. As Francis says: “By shrinking the haystack, you will find the needle faster. We spend less time looking for something and more time making data-driven business decisions.

Efficiency and productivity improvements are not the only benefits Francis has noticed: “We have reduced our storage costs and improved our response to audits and GDPR information requests. By knowing exactly where our data is and what purpose it serves, we have enhanced our whole information governance regime. We are confident that this will reduce our exposure to penalties or sanctions related to data privacy breaches and are beginning to explore how we can extract meaningful insight from our unstructured data.”

He concludes: “Working with Oyster IMS has allowed us to reduce our liability and given us the tools to make intelligent decisions on our data retention policies. This is a great example of business and IT working together for success.”

Download the Data Discovery Case Study

  • Your email address is used only to send you the requested brochure. Please see our privacy policy to find out more.

  • This field is for validation purposes and should be left unchanged.

 

* Source: IDC (2020)

Share this page

Download our brochure

  • Your email address is used only to send you the requested brochure. Please see our privacy policy to find out more.

  • This field is for validation purposes and should be left unchanged.

© Copyright 2021 Oyster IMS  |  Web design by Union 10 Design

Oyster IMS statement on impact of COVID-19

We do not believe that this outbreak will have a direct impact on most of our services.

We are continuing to monitor the situation, liaising with partners and suppliers critical to the operation of our services, and all those who are dependent on our business.