What is the EU’s General Data Protection Regulation (GDPR)?
The EU’s new GDPR, effective in 2018, requires protection of all data stored on individuals: addresses, credit card numbers, personal details, even IP addresses. Inadequate protection can result both in fines of up to 4% of your global turnover or €20 million, whichever is higher, and in reputational damage due to being mentioned in the Annual Activity Report of one or more national Data Protection Authorities. The new rules apply to all EU-based organizations and individuals and non-EU-based entities that process personal data of EU residents.
New GDPR Requirements
- Data protection by design and by default and careful control of access to personal data
- Ability to identify specific data for flagging and removal if necessary
- Pre-defined policies for automated data access privileges
- Ability to detect and send an alert on any data breach in real time
- Regular data risk assessments
How Can You Meet GDPR Requirements?
- Find your data. To protect your data, locate it: in your site, cloud or device, or your partners’ networks.
- Understand your data. What type of information is out there? Who is accessing it? How is it being used? Where is it going?
- Classify your data. Data must be classified by specific access parameters and by type: personal information, credit card numbers, etc.
How Covertix Can Help with GDPR Compliance?
- Data Discovery: Covertix enables you to generate an unstructured data inventory and know exactly where your company’s personal data is stored: on your premises or in the cloud, outside repositories or personal devices. Covertix can identify any format; documents, presentations, emails, etc. Covertix’s functions are critical for protecting the data and addressing requests to correct and erase personal data.
- Data Classification and Governance: Covertix’s patented dynamic real-time context classification engine provides pinpoint accuracy so you can determine the right classification for each file and the appropriate steps to take when an end user accesses sensitive content.
- Monitoring: Under the GDPR’s new breach notification requirements, data controllers must now constantly monitor who did what, when and where to sensitive data and how. Placing Covertix’s embedded layer in a file gives you extensive monitoring, tracking and tracing capabilities and provides important audit input by making visible all activities taking place in each file and its contents.
Covertix’s Work Process
- Identify relevant GDPR data
- Audit user activity and detect risky behavior or ransomware
- Identify and prioritize gaps in GDPR compliance
- Protect each file according to its specific classification