LightBeam Dashboard Outlay

Outlay

The Outlay section of the dashboard helps monitor and assess the organization’s data risk posture. It focuses on tracking sensitive data, privacy compliance, and security policies to help identify potential vulnerabilities.

Data Sources

This metric provides an overview of the data sources being monitored, categorizing them into healthy and at-risk groups based on policy violations. The data sources in the “At risk” category are those in which objects have violated a configured policy.

Risky Data Sources

This metric identifies data sources categorized as "risky," meaning one or more objects in the data source is violating a configured policy. This helps highlight areas that need immediate attention and mitigation strategies.

Live Data Discovery

Live data discovery helps track an organization’s data landscape in real-time. It provides an up-to-date understanding of the total volume being monitored and the organization's sensitive data exposure in terms of the number of sensitive data elements found. It ensures that any new or evolving data is monitored continuously for security risks. Allows to sort the View by Day or Cumulatively.

Total Data Monitored

This metric shows the total volume of data being actively monitored, measured in gigabytes (GB). It helps to quantify the scope of data being tracked and managed for privacy and security risks.

Total Attribute Instance(s) Found

This metric counts the number of attribute instances (sensitive data elements) found across all your data sources. Identifying sensitive data instances is essential for ensuring adequate data protection measures and compliance with data privacy regulations such as GDPR.

Total Policies with Alerts

This section shows the total number of active policies in place that have triggered alerts. These alerts indicate a violation of security or privacy policies and need immediate review.

Discovery and Classification - Detection (Total Alerts)

This metric reflects the total number of alerts triggered from a Detection policy.. These alerts are generated when sensitive data is identified in unauthorized locations.

Data Lifecycle: Retention (Total Alerts)

This metric shows alerts related to data retention policies. Alerts are triggered when data exceeds retention periods or is improperly managed, ensuring compliance with regulations such as GDPR or CCPA.

Access Policies: Internal Access (Total Alerts)

This metric tracks alerts triggered by internal access to sensitive data. It focuses on monitoring unauthorized internal access to critical information, which is key to enforcing access control policies.

Privacy Rights

Privacy rights metrics track data subject rights requests and help manage privacy compliance.

Data Subject Requests (Open and Total)

This metric tracks the total number of open and completed data subject requests (DSRs), such as requests for access, deletion, or modification of personal data. It’s essential for ensuring compliance with privacy regulations like GDPR.

Consent Management (Consent Records) (Opt-Ins, Opt-Outs, Total)

This metric tracks consent records and the actions associated with them. It includes opt-ins, opt-outs, and the total number of consent records, ensuring that consent is appropriately managed in line with data protection laws.

Cookie Consents (Total Domains and Total Cookies)

This metric monitors cookie consent for your organization. It tracks the total number of domains and cookies where consent has been collected, helping ensure that your organization complies with cookie consent requirements across websites.

Document Types: Labels (Top 5)

This metric categorizes and labels the top five document types containing sensitive data. Labeling helps prioritize document security, ensuring that critical documents are protected from unauthorized access.

Entities (Total and At Risk)

This section tracks the total number of entities (e.g., persons, organizations, systems) whose sensitive data is present within your data sources, and identifies those considered "at risk" due to policy violations.

Users with Access

This metric tracks the number of users who have access to entities' data. It helps ensure that only authorized personnel can access entities' information and plays a key role in maintaining data security and access governance.

Unresolved Alerts (Total Alerts)

This metric shows the total number of alerts that remain unresolved. These alerts typically indicate security or privacy violations that require further investigation or action to mitigate risks.

Critical Alerts

This sub-metric focuses specifically on critical alerts—those representing severe security or privacy breaches that require immediate attention

Privacy Assessments

The Privacy Assessments section provides insights into the organization’s readiness to manage privacy risks and assess the impact of processing activities on personal data.

PIA (Privacy Impact Assessment) (Review Pending and Total)

This metric tracks the status of Privacy Impact Assessments (PIAs), showing how many are pending review and how many are completed. PIAs help assess the risk and impact of processing activities on personal data and ensure compliance with privacy laws.

RoPA (Records of Processing Activities) (Review Pending and Total)

This metric tracks the completion and review status of RoPA, which documents the organization's data processing activities. It helps ensure compliance with data protection regulations and provides transparency into how data is handled.

Governance (Users with Access and Sensitive Objects)

The Governance section focuses on access control and the management of sensitive objects within the organization. It gives visibility into how many users have what type of access to how many sensitive objects. The Governance module additionally ensures that only authorized users can access sensitive data. Includes a Link to the Governance Dashboard.

It is important to note a few kinds of access related risks that can help understand the threats to the security structure of an organization, if left unchecked:

• Open Access: This refers to unrestricted access to data or resources. It allows anyone to view, use, and distribute information without any limits.

• Excessive Access: This happens when unrestricted access to data or resources is given, allowing anyone to view, use, and distribute information without any limits.

• Cross Department Access: This involves granting access to data or resources across different departments in an organization. This lack of segregation can cause unnecessary exposure to sensitive information in an organization.

Users with Access

Tracks the number of users who have been granted access to sensitive data or systems. This metric ensures that access rights are appropriately assigned and reviewed regularly to limit the exposure of sensitive data.

Sensitive Objects

Monitors the total number of sensitive objects (e.g., files, records) within the organization, helping to enforce data governance policies.