About Tokern

What is Tokern?

Tokern is an open source data governance suite for databases and data lakes, to help you with your sensitive data management. Improve ROI of your data, comply with regulations like HIPAA, CCPA and GDPR and protect critical data from insider threats with confidence. Check out more about Tokern in our docs.

Why is Tokern an Open Source Software (OSS)?

Tokern’s founding team has invaluable experience with facing the challenges of protecting some of the heaviest data footprints worldwide. From Yahoo!, Facebook and Uber, collectively, the team has overseen most of the landmark events in the technology space. Having established Borneo - Tokern’s parent company - our team consists of practitioners that are well aware of the security and privacy compliance that our data-driven economy demands. Tokern as an OSS is Borneo’s effort to enable other security practitioners to successfully drive toward data compliance as an outcome of data security. In creating Tokern, we hope to develop our security software in a decentralized and collaborative way, relying on peer review and community production to find new ways to solve problems in this context.

What is PII / PII information?

Personally Identifiable Information, or PII, is any information that enables the identification of a specific individual. PII examples include email addresses, social security numbers, personal document IDs, and financial account information.

Why should you be concerned about PII?

Laws and regulations around the world govern how organizations deal with sensitive data and information, including PII. Notable examples include the General Data Protection Regulation (GDPR) in the EU and the California Consumer Privacy Act (CCPA) in the United States. These require organizations to implement security measures to prevent privacy breaches and unauthorized access to sensitive information such as PII.

These problems today arise primarily from the limitations of existing security tools. With most compliance testing being checklist-based and inefficient due to the absence of automation, there is often less focus on understanding the context and correlation of sensitive data.

What are the consequences of data security breaches and privacy incompliance?

Security breaches and privacy incompliance are often accompanied by a long list of consequences for an organization, which must take full responsibility for the secure management of its users’ sensitive data. Failure to do so can result in financial losses due to penalties or legal action, damaged customer trust, and personal reputations as well as permanent loss of important sensitive information.

How does Tokern enable Privacy/CCPA/GDPR compliance?

Tokern offers a suite of applications to manage the lifecycle of sensitive data in Snowflake, Redshift, BigQuery, and AWS Athena. These enable you to:

• Scan and Tag Personally Identifiable Information (PII), Protected Health Information (PHI), and Other Sensitive Data
• Programmatically monitor and manage Access Control Lists (ACLs)
• Create and Manage Masked and Redacted Copies of Data