ENSURE COMPLIANCE WITH THE GENERAL DATA PROTECTION REGULATION (GDPR) USING NETWORK PERFORMANCE MONITORING SOLUTIONS WITH SECURITY FORENSICS
GDPR applies to any business operating in the European Union (EU), no matter where the organization is located. All sensitive, personal information relating to EU subjects must be stored securely and protected.
Countdown to EU GDPR: Are You Compliant?
When the EU General Data Protection Regulation (GDPR) goes into effect on May 25, 2018 organizations will have just 72 hours to report detected breaches to the relevant authorities. Failure to do so could result in a significant fine up to €20 million or 4 percent of total annual sales, whichever is greater. However, identifying which records have been compromised in such a short timeframe could prove impossible without the right tools.
How to Build an EU GDPR Compliance Strategy
An Observer GigaStor appliance, part of the Observer Performance Management Platform, positioned inside the network near the firewall, captures, encrypts, and stores all your network traffic, just like a closed-circuit television (CCTV) camera captures everything that passes by it. This solution provides the critical post-event platform needed for your comprehensive GDPR compliance strategy.
The secured wire data is then available to reconstruct and review security issues quickly in context of all network traffic occurring before, during and after the event. Network and security teams can collaboratively verify attack details and compromised data in accordance with General Data Protection Regulation.
While many organizations use the Observer Platform primarily for network and application troubleshooting, nearly half of customers also use the platform for post-incident network security forensics investigations. This functionality is critical for GDPR compliance in three ways:
- Pre-incident validation that the organization has taken sufficient steps to ensure its ability to investigate and report attack details to authorities within 72 hours, as well as the ability to verify successful remediation.
- Pre-incident discovery and mapping of network infrastructure involved in supporting applications and services collecting, analyzing and storing personally identifiable information.
- Post-incident investigation with the Observer Platform and its captured data can prove that no information was compromised and help organizations identify or provide documentation of what data was affected, how access was achieved, and if intellectual property was compromised.
VIAVI Perspectives Blog