EU General Data Protection Regulation
Reach GDPR Compliance with Endpoint Protector.
The EU General Data Protection Regulation (GDPR) is a regulation issued by the European Commission, the European Parliament and the Council of Ministers of the European Union with the purpose of strengthening and unifying data protection for individuals within the European Union. It is the most important change in data privacy regulation in 20 years, according to the GDPR portal. It took four years of preparation and debate until it was finally approved by the EU Parliament on 14 April 2016. The General Data Protection (GDPR) regulation makes a big statement about individuals’ private data and their right to request data controllers and processors to delete, correct, and forward their data. In consequence, GDPR comes with significant changes compared to the Data Protection Directive 95/46/EC involving operational changes in organizations. These will impose stricter fines in case of failing to protect EU citizens properly.
In May 2018, the new GDPR will be applicable to all organizations and companies that control or process personal data related to a resident of the European Union. With a strong data security strategy and a Data Loss Prevention solution, businesses can get a step closer to compliance.
Endpoint Protector helps you reach GDPR compliance
An important part of the audit is covered by Endpoint Protector Data Loss Prevention and Device Control. In the initial phases of the process of becoming compliant with GDPR, you can use Endpoint Protector DLP and Device Control (USB and other removable devices) with policies set on report-only, so data that is being transferred outside the company is being tracked and reported. Get valuable insights about which users are transferring sensitive data, like Personally Identifiable Information, Credit Card Numbers, Social Security Numbers, and other confidential information.
Additionally, the exit points can be flagged for monitoring, to detect exactly where the confidential data goes – on cloud apps, by e-mail, on portable storage devices, on webmail, etc. The most active users when it comes to data transfers and devices connections can be discovered and based on this information together with data gathered from other tools can paint a picture on the actual situation before moving forward with operational changes for compliance.
Once the audit is finalized, you have to strengthen security and address the vulnerabilities. Endpoint Protector monitoring policies can be converted into restrictive policies, blocking unwanted file transfers, unauthorized data copied/pasted, screen captures, etc. and all of this depending on the various transfer channels and the users, computers, groups that are part of the organizational structure. Since individuals’ private data is so crucial to protect according to the updated regulation, it can be secured against leakages and theft with the content filtering and USB control capabilities available in Endpoint Protector DLP.
Endpoint Protector DLP can also help in the cross-border data transfers. Organizations are prohibited from transferring personal data to recipients outside the EEA, unless the region of destination provides an adequate level of data protection (deemed by the European Commission), or unless there are other circumstances set also by the European Commission. Endpoint Protector can detect and block data transfers to solutions with data centers located in countries outside the EU (e.g. Dropbox) or, in case those countries fit in the adequacy level of data protection, data transfers can be allowed. It all comes down to the control you get for sensitive data movement.
The GDPR states that data privacy should be ensured, with no specifics about the platform, if it is Windows, macOS or Linux, iOS, Android, Windows Phone, etc. or the exit channels – email, cloud file sharing, removable devices, etc. It is not important, after all. The essential part is that data must be secured no matter what. Therefore, for any data security tool you choose to implement, make sure it covers your entire infrastructure, all endpoints, mobile devices, or exit points.
Endpoint Protector DLP and Device Control modules help you protect sensitive private information against data loss and theft on Windows, macOS, and Linux, while the Endpoint Protector Mobile Device Management module secures data on iOS and Android devices as well as macOS computers. For increased data protection and GDPR compliance, the USB Enforced Encryption module available in Endpoint Protector allows management and automatic deployment of encryption software, EasyLock to USB storage devices.