INDICA Release 9.0: New look, improved performance and new super features!

Release Notes v9.0.0-715

We're happy to announce our 9.0.0 release of INDICA.

As always; we've prepared many updates, with features visible and invisible to you.

  • The new flexible workflow is available now;
  • INDICA integrates a GDPR data inventory and automatic rules;
  • We upgraded to Ubuntu Bionic (18.04LTS);
  • We upgraded to PHP 7.2, Laravel 5.7, Solr 7.5.0 and many more updates;
  • This is the first official iteration of the new INDICA UI 2.1;
  • Customization of the frontend has been taken to the next level;
  • New auto-tagging and classification from different sources (like CSV);
  • A setup and configuration wizard.

The following issues have been closed for this release

  • 1 APPLIANCE-439 Fix www/bin/index.api from old_www/www/bin
  • 11 APPLIANCE-426 Fix logging of queries, tagging and users per case
  • 14 APPLIANCE-423 Upgrade to Ubuntu 18.04LTS
  • 15 APPLIANCE-422 Create analyse button functionality in new front end
  • 154 APPLIANCE-282 Search autocomplete does not work as expected
  • 2 APPLIANCE-438 GDPR Dashboard Fixup
  • 3 APPLIANCE-437 Additional fields in the Data Inventory
  • 30 APPLIANCE-407 Data inventory creation support
  • 4 APPLIANCE-436 Config and case wizard
  • 406 APPLIANCE-12 mbox files worden als een mail gezien
  • 409 Design changes frontend
  • 411 Move activation from /net/bin/activation to php
  • 417 Tagging in preview always open
  • 419 Create tagging from a CSV file
  • 420 Remove the green hover in the frontend when hovering over a path.
  • 421 Exclude ZiesoDataTab from query tagging
  • 424 Data inventory document types should have an all option
  • 428 Logo can grow outside navbar brand
  • 429 Create EY type
  • 430 Don't show query to CSV when licence type is lower than 400
  • 432 Replace excell template
  • 433 Import Excel template
  • 438 Mime type missing form meta info
  • 439 Place tag on duplicates.
  • 443 Powered by INDICA footer
  • 445 Chart vue breaks npm run at this moment
  • 446 Load correct style in all view
  • 447 Fix seeders to be able to upgrade
  • 448 Deduplication on/off setting
  • 450 Remove workflow styling from dashboard.css
  • 453 Port the old datechanger to the new frontend
  • 455 Set correct endpoint when changing the status for the workflow.
  • 456 Workflow was saving on the wrong id and was getting it from the wrong id
  • 459 Tag deletion: 'are you sure?' modal
  • 460 Update/Move functionality from script
  • 463 Create update method
  • 466 Multiple frontend fixes
  • 469 When browsing similar documents, none of them can be previewed
  • 473 Can't move documents to single bucket
  • 474 Better checking of Data Inventory rules for seeding when multicase
  • 476 checkDomain() fails
  • 482 Put PDFJS in www/public/js
  • 483 Decode the password in the login controller
  • 49 APPLIANCE-388 Fix config.xml
  • 6 APPLIANCE-434 Long bug list
  • 7 APPLIANCE-433 EXPORT CSV from Hitlist in UI
  • 8 APPLIANCE-429 Workflow UI design


Screenshot 2018-10-19 at 13.11.59.png

PRESS RELEASE – October 22, 2018

BDO and INDICA announced today the joint proposition of a GRC Data Discovery Platform covering the support of professional services related to information management, GDPR compliance and forensic data investigations.


The extensive consulting capabilities of BDO regarding Compliance and Integrated Risk Management combined with the agile and powerful INDICA data discovery platform shapes a strong proposition for the growing market opportunity of GRC Data Solutions.


“In our go-to-market for Digital Transformation we reach out to solutions that fit our customers’ demands. INDICA proved to head the competition in bringing Data Search, Discovery and Monitoring into one platform. Flexible workflows and comprehensive dash boarding supports our customer engagement teams to work effectively on data compliance and control challenges. This platform enables us to create any customer specific set-up.“, Senior Manager Bart Bleeker of BDO says. 


René Oldenbeuving, CEO of INDICA commends: “We enable partners like BDO to shift their business to Asset Based Consulting and Managed Services models. INDICA creates a general Data Discovery Platform that BDO translates to a customer specific level. Our mission is to help minimalizing the effort needed for that translation.”


Kees Plas, BDO Consulting Partner explains: “We see a clear growing business demand for professional services and out-of-the-box solutions that cover Data Discovery challenges. Key is the question what and where data resides in the organization and who can access it, both structured and unstructured data. INDICA is providing just that all in one platform. Combined with our Security Sensor and our knowledge of compliance and cyber security we’re able to help customers with the best price-quality ratio.”


About BDO:

BDO is an international Audit & Advisory Firm active in over 160 countries. With 74.000 professionals on board we have all expertise of local markets and bundle that knowledge at the same time through our global network to create most relevant added value for our customers.

For more information about BDO please contact Kees Plas, Partner BDO Advisory:



INDICA provides an AI-based GRC Data Discovery platform that integrates eDiscovery, eSearch and Data Monitoring to one environment for data policy management & control, also crucial for GDPR implementations.

For more information about INDICA please contact Pieter Klinkert, CCO INDICA:

INDICA appoints René Oldenbeuving as new CEO


INDICA is enthusiastic to announce that René Oldenbeuving (1971) will join the INDICA team as their new CEO and co-investor. He will primarily focus on Company Strategy, Sales & Marketing and Strategic Partnerships.

In the past, René has proven to be a skilled entrepreneur and helped several companies surpassing the stage of start up/ scale up into well-established companies. Rene recently helped Motto Communications to a successful exit and in 2013 he led IASO Backup Solutions to a strategic exit. The INDICA team is happy to welcome René to lead the company to the next stage.

"The reason for me to join INDICA is my strong believe that the Data Risk & Control market is just at a very early stage of maturity and INDICA is the right software vendor to address this market." René explains. 

Since its inception in 2014, INDICA has proven to be a reliable and disruptive player in the Data Risk & Control software industry offering a low-entry intelligent Data Search engine for in-company data intelligence & (real-time) compliance.

The participation of Security of Things fund, managed by Value Creation Capital, in 2017, pushed INDICA’s growth already. Today we are looking forward to entering a next stage of further growth & maturity. INDICA believes René is the best person to guide us during this journey.

Also the INDICA founding members - Elmar Pigeaud, Pieter Scherpenhuijsen and Pieter Klinkert - put a great deal of trust in René to help the company develop and grow accordingly. 

Secrets of the lightning-fast INDICA installation

We know, the amount of time INDICA implementation takes might be surprisingly low. In a matter of days you have an up and running solution! We guarantee zero downtime of all your services, ease of implementation and easy adoption. We are against long and endless installations and unpredictable ROI.

Here are 3 components of the success:

1.    First of all, we are asking what you are trying to achieve and then together we'll define the technical and organisational starting points. 

2.    Then we send you an OVF (VM template) or installation file, created specifically for your needs. You can download the OVF and set it up yourself, otherwise our engineers can do it for you.

3.    When INDICA is up and running we'll train users and refer them to our extensive knowledge base.

Want to try it yourself? 

Indica for a small financial institution

A rather small financial institution experienced a problem in top-level decision making due to the lack of visibility in the existing data and inability to find needed documents due to the absence of structure in existing data. This triggered implementation Data Management System (DMS). A consulting firm was tasked to come up with the solution that will fulfil their needs.

The project was divided into 3 parts:

Step 1. Elaboration of standard procedures and data discovery.

Step 2. Data classification and privacy data identification.

Step 3. Data migration to DMS.

The project started with the definition of the standard rules to be adopted across the DMS. Then consultants were challenged with data discovery and audit. Using the native tools they've been able to manually process more than 2.5 million documents in 2 weeks. They have been able to extract metadata, find similarities and identify duplicates.  

The next step was to classify the data and detect privacy data. The main challenge was to run this process on unstructured data. At this point consultants adopted INDICA which is perfect with unstructured data. After a month long the results were the following:

  1. In case INDICA was implemented at the Step 1 it would save up to at least 4 weeks of manual data discovery.
  2. Auto - classification was done on the background, hence easier to allocate documents to be migrated. 
  3. The solution provides the possibility to detect what is the file & who can take action
  4. Discovery of privacy issues is done automatically.
  5. Not applicable to current project, but INDICA eliminates the need for a DMS and data migration as needed files can be found within the existing file structure.

Finally the customer adopted 2 INDICA solutions: INDICA GDPR for privacy data discovery and INDICA Enterprise Search for quick access to the relevant data.

INDICA GDPR Maturity Model

INDICA GDPR is a must-have in a tool kit of a DPO. Solution will support your activities when elaborating GDPR compliance strategy (Awareness stage). It will provide you with needed information to exercise data subject rights and informative dashboards to monitor compliance workflow (Committed stage). At the final stage (Business partnership) INDICA will assist to maintain the level of GDPR Compliance. 

Where are you in this map?

Maturity model.jpg

eDiscovery for multinational enterprise

Client Situation

H Company, a large multinational organization with headquarters in the Netherlands, is faced with various internal irregularities globally that require investigation. The internal audit department has a responsibility to investigate these cases when irregularities occur.

Most H Company’s investigation cases are relatively small and they struggled to find a high-quality solution which would accelerate their investigation process, easy-to-use for non-tech savvy stakeholders and cost efficient.

How INDICA helped

INDICA has been supporting H Company with our e-discovery platform for internal investigations around the world for over a year, which is proved to be well suited in finding relevant results for smaller investigation cases and to reduce costs. INDICA e-discovery platform also provide H Company with an intuitive and agile approach in managing their own investigations in terms of data upload, access management, case closure and etc.


By using INDICA, the internal audit department in H Company is able to perform their own investigations in a cost-efficient manner without requiring extensive technical training and ad hoc external support. Additionally, INDICA has allowed the client to easily work together with third parties when additional support was needed. For instance, in cases where the Internal Audit team was short staffed or did not speak the language required for the investigation.

How to save time with INDICA

Anyone who has ever received bills from a Law firm, knows that the first thing a client does, is to call the firm to clear up why there are so many items on that bill.

Another medium-sized law firm, with about 700.000 documents, which are mostly correctly stored through Document Management Systems (DMS), has problems quickly finding the right documents and information. Whenever a client calls, the finance department has to log the call and promise a call back after the correct documents have been found.

INDICA came up with a way to correctly connect to the DMS system and provide a single point of entry into all the information within the firm. Documents and information are found easily this way. The next time a client calls with a question, whether about a case or a bill, lawyers and financial personnel alike can come up with the right document in a matter of seconds.

INDICA provides a fast and easy way to find documents and access information. It saves employees many hours a week to come up with the right document fast.

INDICA for law firms

As people may know, law firms are not known for their lack of documents. A medium-sized law firm may generate over 500.000 documents in a few years. And as Mooreʼs Law is telling us, this number of documents will double every 2 years. 

A medium-sized law firm owns about 900.000 documents, which they store using strict rules, some of which are enforced by Document Management Systems. Once in a while someone loses a document, which then will have to be found. Of course sometimes the owner knows when this has happened, what the name and location of the document was, so a backup can be used to put the document back. However, most of the time, the document can not be found on a backup because either it has not been backed up yet, or the location was not correct. 

Or, the question is something as follows: Can you find me a document of which I do not know the name and location, but there is something like this inside? Then the System Administrator has to run a search within those 900.000 documents. And if the contents are not too general, he will be lucky and within some hours, he will find the correct document. 

INDICA, however, helped these poor lawyers to gain control over their own data again. While they are storing their documents conscientiously in the correct locations, it sometimes happens someone haphazardly moves a file or folder. Or worse, you store it in the wrong location by accident. That is something you Document Management System can never fix. INDICA can find this information immediately. It saves hours a week searching for misplaced documents.

INDICA for a large consulting firm

A large consulting firm was facing some challenges. As most firms, this firm too was the result of many mergers, acquisitions and partly self-sustaining divisions. One of the drawbacks of this set up was that all the different groups were maintaining their own documents and information. 

The management of the firm found this was not in the firms and its clients best interest. So a plan was conceived, in which all the different divisions, subsidiaries and companies would end up as One Company. Every employee of the company would be working for the same company, with access to the same information. 

After the reorganization of the company was complete, a big problem remained: what to do with all the information? Every group had its own information stores, documents and ways to access it. 

After some deliberating, INDICA consultants proposed that the entire company should have access to all the information. Of course, with some exceptions in Finance, HR and other data.
The plan was to create data- and information stores parallel to the company structure. And all the groups and employees would be responsible for moving their own data into the new folder structure. Access to new (and old) data would have to be provided by an information structuring and archiving appliance - and that is where INDICA comes in! 

Some emails were sent to the company, in which was told how to move their data and when the old folder structure would be removed.
Within 3 weeks, more than 50% of the data was moved to the new structure. After those 3 weeks, it became clear that almost 40% of the information was outdated and could be removed to archive. 

All the current data and information has been moved to the new folder structure. Old data has been moved to archiving storage. INDICA is the single point of access they have to all the company information, with connections to the CRM system. Everything they need and that relates to current projects can be found through a simple search. Work that has been done before by people and groups that are no longer with the company can be found in the archives and be used to learn from in new projects.
Where formerly no one knew what other groups and people were working on, now everyone can learn from each other. INDICA creates a way of information and knowledge sharing as well as learning. 

Data leakage

Data leakage

So how are you going to find out that your junior employee Phil or senior manager Chris shared confidential information or personal data of your customers or employees without permission?

It’s all about data. The more the better. We're all trying to collect as much data as possible and w're fighting for ownership even if there is no obvious value in it. As a result, we are storing petabytes of managed and unmanaged data. It can be any data and obviously includes personal information. Most of the time we don’t even know what’s in there as we are not using it. We just store it.

Your right to be forgotten

Imagine you had a mobile contract with an operator called ABC and decided to switch to a different provider called DEF because they offered a better deal. Even when your contract was terminated ABC still stores your private details (bank account information, address, date of birth, etc. etc.). Mostly this is the type of data you’d want to keep away from public access.

Now you can ask ABC to delete everything they have on you. This is your “Right to be forgotten”. This seems like an easy task for a corporation but in fact it’s a BIG CHALLENGE.

Does INDICA make information about you available for anyone within the company you referred to? The answer is very simply – no, it does not.

ABC has your personal data spread across their IT environment and duplicated over different departments. For example, they use it to bill you, to send mail, to identify you when you call in for support, to track your behavior and preferences and so on. Your data could be stored anywhere inside the company. It might take days or even weeks to find out where it is with no guarantee that all data was collected.

With new regulations ABC must deliver your Right in a limited time frame otherwise they can be fined up to 4% of their worldwide turnover. This regulation applies not only to mobile operators but to any company or government. It can be a grocery store, bank or a previous employer. It means that companies need to have some tool and procedure in place in order to comply and avoid penalties.

The INDICA GDPR Module is a tool that is able to identify your personal information across all IT systems within the company and provide information on its location and accessibility to different people, groups and (3rd-) parties. It creates a personal card, hence person responsible for private data can execute a deletion procedure. 

The next logical question: does INDICA make information about you available for anyone within the company you referred to? The answer is very simply – no, it does not. Normally the solution has a single administrator and a limited number of users within the organizations. Together with this INDICA inherits access right policies set within IT systems, so a user will only find information he is allowed to see.

Keep in mind that your personal data is priceless. Be careful when giving it away and demand it back after an engagement is over. 

How to find hidden relationships between emails and PO's

Investigations span the domains of unstructured (i.e. email) and structured (i.e. ERP) information. These systems are separate and it is almost impossible to find relationships between the data in stored in different systems and applications. However, Indica developed a unique solution capable to reveal these relationships and to find unique results to revolutionize investigations.

Regular eDiscovery solutions are focused on unstructured information, like email, files etc. Next to that, structured information is the typical domain of systems like ERP, CRM, and etc. with records in a database. The challenge is that the two worlds are more or less independent from each other. If the investigation is about fraud it probably is of great importance to verify the communication in email boxes and combine that with transactions in a financial system. If we could find a relationship between those data sets, then a totally new world of possibilities opens up.

At INDICA we developed a unique algorithm to verify relationships between unstructured and structured information. In Indica you can add structured sources. It can be a database or a static copy of that database. It could also be a dynamic interface to a database of a live system. In our demo stand we have a product database from the internet and we have a customer list from an ERP system. Extra sources assist in information ranking, but also ease the click through all related information in the whole data set. To find information and discover relationships at your fingertips you simply click through, no need to enter manual queries. It is possible to scan an unstructured document for words that exist in structured sources, and go back and forth between all those sources.

Investigator should simply ask himself the question what kind of structured information should be in scope. The amount of structured information could be limited, it is not necessary to include all the transaction history. For example, vendor or customer lists, product lists, purchase or sales orders etc. The information from these lists are fully indexed together with all the other information, so the performance while searching is ultra fast.

The algorithm is patented and unique. So anybody who would like to give this a try, can reach out to INDICA.

Continuous Delivery at INDICA

Recently I attended a workshop about Continuous Delivery, hosted by ICTOffice and presented by people from NISI and the University of Utrecht.

Mainly, I had questions regarding the level of integration of our development process and the tools involved. We created the first (baby-)steps into the software development of INDICA quite a long time ago. The modern tools for integration of your process didn’t exist yet, let alone the words describing it!

At first, we used SVN for version control. At the time, this was revolutionary – especially compared to CVS. (Of course, this is not true; all these tools have their pro’s and cons, mainly depending on who’s using it and how he’s using it.) We used MantisBT for our bugtracking. And lots and lots of scripts to be able to continuously deploy to a build server for testing and building. 

And this has worked properly for many years.

In the meantime, INDICA is growing. Not only do we have more people maintaining and developing parts of the software, also the software is growing and getting more mature. Tools have appeared that might make our work easier. But basically, INDICA has not really changed. It’s still an appliance with highly integrated tools, parts and systems.

We migrated from MantisBT to Atlassian Jira a while ago. We started using Confluence for the more important stories. And we created a scripted testing environment which took away most of our tedious tasks for testing the installation, provisioning and basic testing of the frontend.

But also, recently, we migrated from SVN to Bitbucket.

This turned out to be a not-so-trivial step. We got really used to our SVN in combination with the scripted environment and we’re actually still running into problems with the Git environment. It’s getting better though, every week we have less creases to iron out.

Back to this workshop. During the workshop I tried to pry as much information loose from all attendees as I could. Luckily the presenters helped out, they were as interested as I was. As I already stated, I really wanted to know three main things:

  • How mature is our process?
  • What other tools are being used?
  • What are the main alternatives to the tools we already use?

It turns out, all these companies don’t really have good alternatives for their tools yet. The choices we made were quite mainstream on one hand, but without a real good alternative on the other. So even if we have quite some configuration or usability problems with the Jira/Confluence/Bitbucket suite, an alternative that is as well integrated as this didn’t pop up.

Also, and this came as quite a surprise to me, our process is quite mature. Although we started out with Continuous Integration ‘Avant La Lettre’, we’re on a quite good track.

The development cycle, with 3 week sprints, regular builds and continuous feature and bug improvements, fits us well. The testing part might need some improvement on the unit-testing side, but also we use a proper script for this and partly automate the process daily.

Also, this can be improved if we revisit the set-up. The current appliance might be better off if we create proper packages, therefore prerequisites, dependencies and versions can be better controlled. 

But the integration, deployment and delivery started out really advanced and is currently on par with what’s out there. With lots of room for improvement.