What is GDPR?
The General Data Protection Regulation came into force on May 25th 2018.
It imposes dramatic changes on large, medium and small companies; everyone has been affected. The penalties for non-compliance are high and include a fine of up to €20 million or 4% of annual global turnover, whichever is higher, or potentially a custodial sentence.
The implementation of Abatis HDF can significantly aid GDPR compliance in the following areas.
Increased expectation of data privacy and the organisation’s obligation to follow established cybersecurity practices. Imposes hefty fines for non-compliance.
Abatis should be viewed as a defence in depth measure along with other security products that together provide a holistic security protection. By demonstrating that all reasonable measures have been taken to address risks identified in a risk assessment, the organisation should be able to avoid censure and fine.
Imposes detailed and demanding breach notification requirements. Both the authorities and affected customers need to be notified “without undue delay and, where feasible, not later than 72 hours after having become aware of [the breach]”.
Abatis prevents malware infections, which may be a vehicle for causing a breach in the first place. Where attempted breaches do occur, they are reported in near real time to the Central Management Console (CMC) or SIEM, which correlates events and therefore provides analysis and reporting capabilities. The rapid reporting and alerting found in Abatis minimises the chance of a breach going unnoticed.
Requires many organisations to appoint a data protection officer (DPO).
Abatis provides a useful tool that the appointed DPO can use to monitor the security posture of the organisation. Abatis supports the separation of duties between a normal SYSADMIN and an Abatis-approved SECURITY ADMINISTRATOR.
Codifies a right to be forgotten so individuals can ask your organisation to delete their personal data. Organisations that do not yet have a process for accommodating such requests will need to work on that.
Any data stored in the CMC logs can be queried and reported on as easily as any other SQL database. Similarly, it can be deleted in part or wholly at the touch of a button.
Makes it clear that data controllers are liable for the actions of the data processors they choose.
The fact that the Abatis system is self-contained means that the Data Controller has a clear view of the Data Processor’s actions and can reason about their acceptability.
Enshrines “privacy-by-design” as a required standard practice for all activities involving protected personal data.
Abatis has been shown through independent tests to be a far more effective security protective measure than any traditional AV or whitelisting solution such as Carbon Black, Cylance, Kaspersky, Symantec, McAfee, etc.
Abatis has been designed with High Integrity Systems Operation in mind and has been tested from a Safety Critical Point of View as well as security.
Abatis provides the surest protection against malware and therefore provides the strongest GDPR compliance technology available.