

In today’s dynamic business environment, startups, SMBs, and large organizations adapt to changes in an astonishing phase. Think about it, millions of people switched to work from home instantly at the beginning of 2020, then to a hybrid model, and then went back to the office in 2021. This change would be unimaginable just a decade ago. So, what made it possible? The most significant enabler is probably technology adoption, and more specifically, a wide variety of flexible solutions to pick up and glue together quickly. With more digital transformation happening in more verticals and no-code adoption by larger organizations, this trend will increase.
Integrations are great. But with a growing number of integrations comes a greater risk of data exposure by the integrated apps, whether intended (selling your data) or unintended (data leak or breach). Think about it this way, every Slack, Zoom, or Monday integration you connect, means another company now has access to your data for as long as the integration is active. Some of those companies are not as protective of the data as they should be.
The major platforms partially address this issue with basic automated or manual audits and security checks. However, from our experience, it’s still too easy to connect an app that suffers from security issues or insufficient privacy policy, potentially putting user data at risk.
Big corporations have been concerned with 3rd-party cybersecurity and data protection for years. Therefore, several solutions are solving this issue with various degrees of success. Those enterprise-focused solutions solve the problem by providing automation and structure to the developers verification process and require a dedicated information security team to operate. Some solutions include a basic “hacker-view” security scan and a scoring system, but are mainly focused on direct vendors and third-parties, and not looking one layer deeper and mapping fourth-parties as well (vendors of your vendors), such as all Slack, Zoom, Zapier integrations, or Chrome extensions. In addition, those solutions are complicated, have a steep learning curve, and are not priced for small-medium companies, startups, and freelancers, meaning they are just too expensive for most pro users.
There's an anecdote in the industry that goes something like this: "The biggest achievement of GDPR is the consent popup every website has implemented". Sure, privacy regulations and security standards helped some vendors become more aware and protective of customers' data, but most mid-small b2b app vendors are still hesitant about going through the process. And even if they do, clients would still find it overwhelming to verify data governance statements, security posture, and privacy measures implemented.
The privacy movement has brought many positive changes, like empowering users and making developers more privacy-aware, transparent, and careful with the data they collect; however, there's still a long way to go. The biggest challenge is how vendors communicate their data-protection posture to users. The everyday marketing, sales, or tech professional is just trying to figure out whether it's safe to connect a specific Slack chatbot or a Google Chrome plugin, and this task isn't easy.
We think it's possible to create a simple data protection score that everyone can understand. The best way to do this is to run a standardized data-protection analysis, monitoring all relevant indicators remotely and automatically. In fact, this is what we've been building for the last several months.
Our open solutions analyze three main aspects of every integration:
On top of that, we are working on some awesome features for our PRO solution that will seamlessly keep your data protected, help you with compliance, and keep your team safe when using business platforms, integrations, and no-code tools.
Today's data protection (or DLP), 3rd and 4th-party risk management, compliance, and data discovery solutions are available only to large corporations. Those products are offered with a high price tag, are hard to integrate, and require dedicated information security and compliance teams to operate. However, for mid-sized companies and startups (which often can have hundreds of employees), there are no good solutions. We've stumbled upon a strong demand for a product that will help companies estimate if integration is safe or not and support ongoing monitoring and data protection for teams.
Our vision is to make trust more data-driven, measurable, and open for everyone, from the small startup entrepreneur that's considering whether to use a Gmail add-on up to the corporate CISO, trying to protect thousands of employees from using unvetted Slack integrations. For that reason, we are launching an open platform, available via a simple online search and without requiring a costly subscription to access the basic data-protection score for business apps.
The data privacy revolution is still undergoing, bringing more privacy and trust to B2B vendors and their clients. Nevertheless, it won't accomplish its goal until every business, large or small, would be able to easily understand whether a given product keeps their data safe. The existing tools aren't addressing this issue. There's a need for an open data-protection score to make the SaaS and integrations ecosystem much more transparent, simple, private, and safe for everyone.
Need help? Interested in early access? Want to get in touch? Send us a message below, or email us at info@protective.ai