Your GDPR Journey, Step 3: ProtectMarch 13, 2018
The General Data Protection Regulation (GDPR) raises the bar for keeping information secure. It requires that you take many steps to protect a wide range of personal data from being lost or seen by the wrong people. Which means you need to think about a range of security scenarios—everything from physical intrusion or rogue employees to accidental loss or hackers.
To comply with the GDPR, you should set up security controls to help you prevent, detect, and respond to vulnerabilities and data breaches. This might include things like building a risk management plan and taking steps to mitigate risks, like password protection, audit logs, and encryption. Here are some things to think about in this area.
Preventing data attacks
It starts by preventing issues or attacks in the first place. To protect your data, you should:
- Protect your physical datacenter
- Secure your network
- Secure your storage and computing
- Manage identity
- Control access
- Encrypt information
- Mitigate risks
Detect and respond to breaches
This is where you monitor for and detect system intrusions. Here are some ways to do it:
- Monitor your systems
- Identify breaches quickly
- Calculate the impact
- Plan a response
- Recover from the situation
- Notify the authorities and your customers
Need help with the GDPR?
The good news is that you don’t have to do it all on your own. We at Binary Tree are doing our part to help our clients protect the privacy of their own customers. And we do this by helping you move to the Microsoft cloud.
Reason being, the Microsoft cloud is specifically built to help you understand security risks and defend against them. It’s also more secure than on-premises computing environments in many ways. For example, Microsoft datacenters are certified to internationally recognized security standards, protected by 24-hour physical surveillance, and have strict access controls.
To get started, get in touch. We look forward to partnering with you on your GDPR journey.
Source: Microsoft. Beginning your GDPR Journey. May 2017.