General Data Protection Regulation

Written by: Kellie Swensen

“General Data Protection Regulation (GDPR) is a legal framework, setting guidelines for the collection of personal information of individuals with the European Union.” The GDPR is the replacement of the Data Protection Directive.  The Data Protection Directive was adopted in 1995, which regulated the processing of personal data in the European Union (EU). The GDPR will take effect on May 25, 2018. There are some companies that did not fall under the Data Protection Directive it was the businesses only under the European Union, now companies outside the EU will also have to comply with the GDPR. Businesses should be preparing now in order to comply with the GDPR. Before IT professionals working for controllers and processors can implement solutions that will help the organization meet GDPR requirements. The IT process may change in order to implement the specific changes that have been made to secure data.  The businesses will need to have proper data identification and classification tools; Data encryption solution’s; be able to identify and access management; their Network security and preventing a data breach; email security; security monitoring and incident responses; and audit trails and reporting.

A business can be at high risk by not having the proper software to protect its personal data. Unprotected information, the business can be easily hacked into and is more prone to viruses making the information easier to get too.  People are already hesitant at giving any information to a business for fear of the personal data being stolen. Businesses need to keep the trust of their clients and in doing so the data given to them needs to be protected; multiple forms of protection is necessary for today’s technological advances.  The first thing when using any computer whether it be for personal or with a company is to download a malware product, however, that is just the first layer of protection.  If you have multiple layers of protection it makes it more difficult for hackers or viruses to penetrate into the network. It’s as if you were putting up blocks on documents so no one but yourself would be able to view it. Businesses also have to be able to find the areas in the network that are giving them problems so they can fix it. The proper software can assist in finding the vulnerable areas, so they can resolve the discrepancies. This gives the IT department plenty of work to do without proper software to assist in helping to keep the information confidential.

GFI Inc. has multiple software products to help assist in the GDPR; Kerio Control, LanGuard, Archiver, and Events Manager.  GFI LanGuard is known as the Network security scanner with vulnerability and Patch management in other words the data breach prevention software to use to meet the requirements in the GDPR. GFI Kerio Control provides a secure network perimeter hardware protection securing data in multiple ways. GFI Archiver retains complete records in the original form. GFI Events Manager aggregates log data across the network for complete visibility of the infrastructure and reporting.  GFI LanGuard will help in network security by scanning and detect vulnerabilities within the network using the patches, this helps with catching the issue before it could cause more discrepancies in the future. GFI LanGuard will provide a centralized analysis and auditing with detailed reporting evaluating the level of protection on the network.   If one will like more details on understanding and implementing the GDPR Compliance measures there is the free download of Whitepaper that will give you details on every aspect of the General Data Protection Regulation.