Atlas

What is Atlas?

A core component of Ethyca’s privacy platform, Atlas allows you to implement users’ data requests on your owned infrastructure.

It can be useful to think of Atlas as the counterpart to Ethyca’s data integrations. Data integrations act like a bridge for Ethyca to manage data in your business’ 3rd-party SaaS applications like Mailchimp and Zendesk. But most businesses also have databases that aren’t “off-the-shelf” SaaS, for example, proprietary databases built in MongoDB, Snowflake, or RedShift.  For truly automated privacy compliance, you also need a tool for implementing data privacy controls in those owned databases too. That’s where Atlas comes in.

Importantly, Atlas lives in your company’s infrastructure. Your data never leaves your company.

Your Atlas instance interacts with Ethyca’s web services only to exchange basic information that never reveals the structure of your databases. On one end, Ethyca’s web services notifies Atlas of Data Subject Requests (DSRs). On the other end, Atlas then notifies web services of your databases’ responses to those DSRs.

Screenshot of Atlas login pageWhy Would I Need Atlas?

Suppose that one of your users, a California resident, submits a request for their information to be deleted from your company’s data systems. To respect their data rights protected under the CCPA (and its successor, the CPRA), your team must take a comprehensive inventory of your systems to identify and remove that user’s information. Atlas streamlines this otherwise time-intensive task by automatically coordinating the appropriate database operations – in this case, information deletion – across all of your databases.

Another common use case is an access request: a user may contact your company asking to receive a copy of all personal information you hold about them. Atlas helps you standardize databases so that you can promptly deliver on these access requests with outputs that are both comprehensive and readable.

Atlas is known for its flexibility. More flexible than many other tools on the market, Atlas works with a variety of database types: both SQL and no-SQL databases. It is compatible with a growing number of databases such as MongoDB, Snowflake, Databricks, Redshift, MySQL, PostgreSQL, and Microsoft SQL.

How Do I Configure Atlas for My Databases?

To get Atlas up and running, Ethyca’s Customer Success team will help you get started with the latest version of Atlas. The team will provide the necessary API key for your Atlas instance.

  • You can customize a variety of Atlas settings for fulfilling DSRs, including:
  • How often your Atlas instance checks in with Ethyca’s web services for pending DSRs
  • How many DSRs your Atlas instance runs concurrently

Once you have Atlas deployed, you can start setting up connections to your infrastructure’s databases. Using your log-in information for the Ethyca Control Panel, you can access your Atlas instance.

In the clip below, you can see how Atlas connects with your in-house databases. After providing a database’s basic credentials and fine-tuning the access/erasure permissions, you will have a successful connection. Just to make sure the connection works, Ethyca instantly and automatically checks the connection upon set-up.

Putting the Pieces Together: Personal Data Mapping

It is vital for teams to know where they store all personal data across business systems. With databases connected via Atlas, you can review your databases and identify personally identifiable information (PII) in each table. Ethyca offers two approaches for PII mapping:

  • We can provide your team with a .yaml file to provide the mapping
  • You can use the user interface to map the PII yourself

View of PII mapping options in AtlasBecause your Atlas instance actively connects into the tables of your proprietary databases, you can standardize your data infrastructure for simplified data discovery and deletion, when appropriate. The mapping actions for include:

  • A customizable label for each data type that is easily readable for customers who submit an access request; for instance, you could label the analytics_customer_id column as “Your ID in our analytics.”
  • The particular category of PII for a given data type
  • A customizable masking strategy to be executed when a customer submits a deletion request; for instance, you can choose to literally remove data from your databases, or you could implement a pseudonymization strategy like cryptographic hashing
  • Any relevant relationships between data types

This exercise of identifying personal data in Atlas automatically feeds into your team’s overall data map, which is Ethyca’s way of comprehensively inventorying personal data throughout your company. Knowing where all personal data resides is foundational for compliance with today’s privacy regulations like CCPA and GDPR.

If you have any questions about Atlas, please reach out to us at customerservice@ethyca.com.