2018 saw the launch of the General Data Protection Regulation (GDPR), which replaced the Data Protection Directive from 1995. The goal was to unify data privacy laws across Europe and protect the data privacy of all EU citizens. In reality, many organizations are still struggling to be compliant.
The key to safeguarding data in line with GDPR is that security needs to move away from trusting every member of an organization by default. Unfortunately, maliciously or not, people continue to be the weak link in the security of every organization.
Preparations for GDPR should entail a move towards a ‘Zero Trust’ mentality, which assumes that every user could be compromised. As such, users must be granted access to only the information they absolutely ‘need to know’ to do their jobs. The second step is to ensure that all data is protected.
As long as organizations are approaching security with the Zero Trust mindset, enterprises can be confident they are securing data and complying with regulation.
While some enterprises might already meet some of the demands of GDPR by following good security practices, there are still a number of new requirements that firms need to be aware of.
These requirements include:
- Pseudonymisation of personal data.
- The importance of confidentiality (encryption) for protecting personal data.
- Integrity and availability in all data processing.
- Obligation to report a data breach to the applicable supervisory authority within 72 hours.
- Data subjects may need to be notified of any breach. This will result in severe reputational damage to the company.
- Potential fines for non-compliance are significantly higher compared to those under any previous data protection laws.
How Certes Networks Can Help
Certes Networks’ network encryption solutions are quick to deploy and easy to manage, and they rapidly deliver the confidentiality, integrity and availability (CIA) required by GDPR. Certes Next Gen Encryptors are multi-layer encryption devices offering Layer 2, Layer 3 and, most notably, Layer 4 encryption. They can therefore provide protection for any network.
- Provide multi-layered data protection and application segmentation.
- Integrate easily into any existing network.
- Operate transparently to the network infrastructure.
- Ensure all data is encrypted without impacting overall network performance.