Comprehensive software reviews to make better IT decisions
OneTrust Launches Vendorpedia, a Combined Security and Privacy Third-Party Risk Exchange
At the 2019 RSA Conference, OneTrust announced Vendorpedia, billed as the only security and privacy third-party risk exchange. However, it will need to increase its vendor coverage quickly to create a true value proposition.
OneTrust is a leading privacy management platform vendor. This announcement will help mature its relatively new third-party risk management solution set.
According to OneTrust, its Vendorpedia offering provides security and privacy profiles on over 6,000 third-party vendors. These profiles include pre-completed responses to many of the most popular vendor questionnaires in use. OneTrust customers can use this new service to streamline vendor security assessments.
“Vendorpedia is the first and only third-party risk exchange that brings together the information both security and privacy professionals need for the complete vendor lifecycle,” said Kabir Barday, OneTrust CEO and Fellow of Information Privacy (FIP). “We built Vendorpedia with our world-class privacy and security research expertise to be a scalable, automated and user-friendly solution for security, IT, privacy and procurement professionals alike to tackle the complex and changing third-party vendor risk management lifecycle.”
This is a welcome announcement from OneTrust. However, many customers may find that their largest vendors are not included in the service. While 6,000 vendors may sound like a lot, it just barely scratches the surface. Vendor coverage will need to grow quickly in order to make Vendorpedia a good value for most customers.
Want to Know More?
Proteus-Cyber Provides a Tactical Solution for Schrems II Stress With the Transfer Impact Assessment (TIA) Tool
The recent Schrems II invalidation of the EU-US Privacy Shield has added a layer of difficulty for organizations that operate across borders, as they now require additional contractual clauses and measures in place to ensure data can transfer freely. Privacy program management vendor Proteus-Cyber offers a streamlined solution with the release of its Transfer Impact Assessment tool.
TrustArc is partnering with BigID to add protection of sensitive data to its roster of data privacy and compliance capabilities. The move closely follows a partnership announced by two other major players in the data privacy and governance space, OneTrust and Integris.
An acquisition borne out of its users’ primary needs, OneTrust’s recent integration with data discovery giant Integris optimally positions the privacy program management software vendor against competitors in the market.
Data intelligence software vendor Alation has made the move to emphasize data governance amongst its solution offerings to make the data catalog a dynamic platform for “a broad range of data intelligence solutions.”
The industry’s first self-service privacy software solution Ethyca receives its second round of investor funding, aptly timed with the release of Ethyca Pro. The privacy management solution provides full automation capabilities for data mapping, data subject requests (DSRs), and consent management for various international privacy regulations.
To further capabilities in the data privacy space, top-tier vendor OneTrust has acquired Integris, another leading vendor within the data discovery and classification sphere. This is a two-part note that focuses on the acquisition and anticipated synergies between the two companies.
SECURITI.ai Addresses the Privacy vs. AI Debacle With the Industry’s First AI-Powered Privacy Solution
AI-powered privacy is here to stay, driven by the innovative team at SECURITI.ai. The company injects automation through AI with its PrivacyOps solution, PRIVACI, taking the effort out of mapping out personal data within its various repositories.
The privacy management software space is rapidly becoming crowded with vendors all looking to add value. 2B Advice has released the most recent version (7.0) of its software, emphasizing the support tools needed to build a privacy-aware culture.
In response to criticism over data collection practices, Google is introducing default deletion of location history in its web and application activities for new accounts.