What the GDPR is and how to deal with it. Russell McDermott Sales Engineer +44 (0) x 2208

Transcription

1 What the GDPR is and how to deal with it Russell McDermott Sales Engineer +44 (0) x 2208

2 How to Ask Questions Type your question here Click Send

3 Agenda What the GDPR is Top 5 things you should know about it Who should worry and why? Steps to prepare Demonstration Q&A Useful Resources Prize Drawing

4 What the GDPR Is TIME UNTIL GDPR ENFORCEMENT 525 DAYS The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.

5 Top 5 Things You Should Know About It 1) The GDPR is a regulation, NOT a directive 2) Fines for non-compliance are tremendous 3) Disclosure of intensions is required 4) The need for explicit agreement 5) The right to be forgotten

6 GDPR Glossary o o o o o o o o Data Controller Data Processor Data Protection Officer Directive Personal Data Breach Processing Regulation

7 Who Should Worry? All companies processing the personal data of data subjects residing in the EU, regardless of the company s location

8 Why Worry? Fines for non-compliance are enormous and depend on the infraction. 4% of annual global turnover or 20 M for the most serious breaches 2% or 10 M for smaller infringements

9 What Consent Means If it s NOT CLEAR, it s NOT CONSENT! Consent is a positive indication of agreement Consent must be clear and distinguishable Provided in an intelligible and easily accessible form Consent of parent required when dealing with children Consent should be recorded

10 Data Subject Rights Breach Notification Right to Access Right to be Forgotten Data Portability Privacy by Design

11 Data Protection Officers Required for public authorities Must be appointed on the basis of professional qualities May be a staff member or an external service provider Must report directly to the highest level of management Must not carry out any other tasks

12 Steps to Prepare Information Commissioner s Office (ICO) will assist businesses to prepare 1. Make sure the key people are aware 2. Organize an information audit 3. Update your version of Privacy notes 4. Make sure you can cover individuals rights 5. Plan how you will handle access requests 6. Document the legal basis for processing personal data Information Commissioner s Office, [Preparing for the GDPR, 14/03/2016], licensed under the Open Government Licence

13 Steps to prepare 7. Acquire explicit consent 8. Get parents consent 9. Ensure procedures to handle data breaches 10. Work out how to implement PIA 11. Hire Data Protection Officers if required 12. Determine your data protection supervisory authority Information Commissioner s Office, [Preparing for the GDPR, 14/03/2016], licensed under the Open Government Licence

14 About Netwrix Auditor Netwrix Auditor A visibility and governance platform that enables control over changes, configurations, and access in hybrid cloud IT environments by providing security analytics to detect anomalies in user behavior and investigate threat pattern before a data breach occurs.

15 Netwrix Auditor Benefits Detect Data Security Threats On Premises and in the Cloud Pass Compliance Audits with Less Effort and Expense Increase the Productivity of Security and Operations Teams Bridges the visibility gap by delivering security analytics about critical changes, state of configurations and data access in hybrid cloud IT environments and enables investigation of suspicious user behavior. Provides the evidence required to prove that your organization s IT security program adheres to PCI DSS, HIPAA, HITECH, SOX, FISMA/NIST800-53, COBIT, ISO/IEC and other standards. Relieves IT departments of manual crawling through weeks of log data to get the information about who changed what, when and where and who has access to what.

16 Netwrix Auditor Applications Active Directory Azure AD Exchange Office 365 Windows File Servers EMC NetApp SharePoint Oracle Database SQL Server Windows Server VMware

17 How Netwrix Auditor Helps with the GDPR

18 Netwrix Auditor Demonstration

19 About Netwrix Corporation Year of foundation: 2006 Headquarters location: Irvine, California Global customer base: over 8,000 Customer support: global 24/5 support with 97% customer satisfaction Recognition: Among the fastest growing software companies in the US with 105 industry awards from Redmond Magazine, SC Magazine, Windows IT Pro and others

20 Netwrix Customers Financial State, Local Government/Education Heavy Industry/Engineering/Manufacturing/Transportation Technology/Internet/Retail/Food/Other

21 Awards All awards:

22 Summary No way to avoid the broad-reaching changes The main goal is providing unified rules on data protection Netwrix Auditor will help you maintain the GDPR compliance The best time to start is now

23 Next Steps Read more about the GDPR netwrix.com/gdpr_compliance.html Free Trial: setup in your own test environment: On-premises: netwrix.com/freetrial Virtual: netwrix.com/go/appliance Cloud: netwrix.com/go/cloud Test Drive: virtual POC, try in a Netwrix-hosted test lab netwrix.com/testdrive Live Demo: product tour with Netwrix expert netwrix.com/livedemo Contact Sales to obtain more information netwrix.com/contactsales Webinars: join our upcoming webinars and watch the recorded sessions netwrix.com/webinars netwrix.com/webinars#featured

24 Thank You!

25 Prize Drawing Get Your Quadrocopter! Haven t won this time? Sign up for upcoming sessions: