What the GDPR is and how to deal with it
Russell McDermott, Sales Engineer
Russell.Mcdermott@netwrix.com
+44 (0) 203 588 3023 x 2208
Agenda
- What the GDPR is
- Top 5 things you should know about it
- Who should worry and why?
- Steps to prepare
- Demonstration
- Q&A
- Useful Resources
- Prize Drawing
What the GDPR Is
http://www.eugdpr.org
TIME UNTIL GDPR ENFORCEMENT: 525 DAYS
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens' data privacy, and to reshape the way organizations across the region approach data privacy.
Top 5 Things You Should Know About It
1) The GDPR is a regulation, NOT a directive
2) Fines for non-compliance are tremendous
3) Disclosure of intentions is required
4) The need for explicit agreement
5) The right to be forgotten
GDPR Glossary
- Data Controller
- Data Processor
- Data Protection Officer
- Directive
- Personal Data Breach
- Processing
- Regulation
www.eugdpr.org/glossary-of-terms.html
Who Should Worry?
All companies processing the personal data of data subjects residing in the EU, regardless of the company's location
Why Worry?
Fines for non-compliance are enormous and depend on the infraction.
- 4% of annual global turnover or €20 M for the most serious breaches
- 2% or €10 M for smaller infringements
What Consent Means
If it's NOT CLEAR, it's NOT CONSENT!
- Consent is a positive indication of agreement
- Consent must be clear and distinguishable
- Provided in an intelligible and easily accessible form
- Consent of parent required when dealing with children
- Consent should be recorded
Data Subject Rights
- Breach Notification
- Right to Access
- Right to be Forgotten
- Data Portability
- Privacy by Design
Data Protection Officers
- Required for public authorities
- Must be appointed on the basis of professional qualities
- May be a staff member or an external service provider
- Must report directly to the highest level of management
- Must not carry out any other tasks
Steps to Prepare
Information Commissioner's Office (ICO) will assist businesses to prepare
1. Make sure the key people are aware
2. Organize an information audit
3. Update your version of Privacy notes
4. Make sure you can cover individuals' rights
5. Plan how you will handle access requests
6. Document the legal basis for processing personal data
Information Commissioner's Office, [Preparing for the GDPR, 14/03/2016], licensed under the Open Government Licence
Steps to Prepare
7. Acquire explicit consent
8. Get parents' consent
9. Ensure procedures to handle data breaches
10. Work out how to implement PIA
11. Hire Data Protection Officers if required
12. Determine your data protection supervisory authority
Information Commissioner's Office, [Preparing for the GDPR, 14/03/2016], licensed under the Open Government Licence
About Netwrix Auditor
Netwrix Auditor: a visibility and governance platform that enables control over changes, configurations, and access in hybrid cloud IT environments by providing security analytics to detect anomalies in user behavior and investigate threat patterns before a data breach occurs.
Netwrix Auditor Benefits
- Detect Data Security Threats On Premises and in the Cloud: Bridges the visibility gap by delivering security analytics about critical changes, state of configurations and data access in hybrid cloud IT environments and enables investigation of suspicious user behavior.
- Pass Compliance Audits with Less Effort and Expense: Provides the evidence required to prove that your organization's IT security program adheres to PCI DSS, HIPAA, HITECH, SOX, FISMA/NIST800-53, COBIT, ISO/IEC 27001 and other standards.
- Increase the Productivity of Security and Operations Teams: Relieves IT departments of manual crawling through weeks of log data to get the information about who changed what, when and where and who has access to what.
Netwrix Auditor Applications
Active Directory, Azure AD, Exchange, Office 365, Windows File Servers, EMC, NetApp, SharePoint, Oracle Database, SQL Server, Windows Server, VMware
How Netwrix Auditor Helps with the GDPR
Netwrix Auditor Demonstration
About Netwrix Corporation
- Year of foundation: 2006
- Headquarters location: Irvine, California
- Global customer base: over 8,000
- Customer support: global 24/5 support with 97% customer satisfaction
- Recognition: Among the fastest growing software companies in the US with 105 industry awards from Redmond Magazine, SC Magazine, Windows IT Pro and others
Netwrix Customers
- Financial
- State, Local Government/Education
- Heavy Industry/Engineering/Manufacturing/Transportation
- Technology/Internet/Retail/Food/Other
Awards All awards: www.netwrix.com/awards
Summary
- No way to avoid the broad-reaching changes
- The main goal is providing unified rules on data protection
- Netwrix Auditor will help you maintain GDPR compliance
- The best time to start is now
Next Steps
- Read more about the GDPR: netwrix.com/gdpr_compliance.html
- Free Trial: set up in your own test environment
  - On-premises: netwrix.com/freetrial
  - Virtual: netwrix.com/go/appliance
  - Cloud: netwrix.com/go/cloud
- Test Drive: virtual POC, try in a Netwrix-hosted test lab: netwrix.com/testdrive
- Live Demo: product tour with Netwrix expert: netwrix.com/livedemo
- Contact Sales to obtain more information: netwrix.com/contactsales
- Webinars: join our upcoming webinars and watch the recorded sessions: netwrix.com/webinars, netwrix.com/webinars#featured
Thank You!
Prize Drawing
Get Your Quadrocopter!
Haven't won this time? Sign up for upcoming sessions: https://www.netwrix.com/webinars.html