The General Data Protection Regulation (GDPR) deadline is approaching quickly. If you haven’t started your GDPR journey yet, now is the time.
GDPR states, “The protection of natural persons in relation to the processing of personal data is a fundamental right.” (Recital 1)
BYOD, Cloud, mobile, IoT and remote workers, have all brought greater challenges around how we share and secure information. For personal data, this is particularly the case. The GDPR intends to protect the personal data of individuals via an updated set of standards and individual rights that apply equally across the EU.
Organizations globally will need to understand how it affects them if they handle any personal information for an individual who resides in the EU. If the GDPR applies to your organization know, there are significant penalties for noncompliance.
Planning for GDPR
It is paramount to begin your planning for GDPR compliance as early as possible. Management should embrace GDPR compliance as a strategic initiative. Enlist the support and participation of all key stake holders in your organization. In a large organization, GDPR preparation may represent significant budgetary spend. On the very front end, due consideration to budget projections is necessary for GDPR planning, compliance attainment and ongoing support. GDPR will no doubt touch and enlist many departments including IT, HR, legal, operations, governance and communications.
How FireMon Can Help
There are many areas identified within the GDPR where FireMon can assist in the goal of gaining compliance and maintaining compliance. Below is a review of specific GDPR articles where FireMon can provide valuable assistance. The GDPR articles covered is not exhaustive by any means, and you will discover others as you continue your journey to GDPR compliance.
GDPR Articles 25 and 32
As it applies to Article 25 and 32 above FireMon provides:
A comprehensive solution that takes a holistic approach to “Intelligent Security Management.” With FireMon you will be well past a “reasonable” level of data protection as it applies to security policy management, change management, risk and vulnerability analysis and application connectivity management. The security team will gain confidence that security policies are allowing only that which is intended to be allowed to meet the requirements of the business.
GDPR Article 35
As it applies to Article 35 above, FireMon can:
- Identify threats and security holes in security policies that could be exploited by hackers
- Capture valuable policy documentation to meet compliance assessment requirements
- Help detect and mitigate security vulnerabilities
- Provide actionable intelligence for remediation guidance
- Continuously monitor security enforcement point changes that could lead to unnecessary exposure, misconfiguration, unauthorized change and unacceptable risk
GDPR Article 58
In the event there is need to provide investigative information, FireMon can provide substantiating documentation demonstrating proof of automated best practices for security management and compliance.