1 in 4 businesses are not prepared for GDPR yet. With just over a year left, there is no time to waste. Help your customers be compliant in time, so they’re not losing money come May 2018.
The new EU General Data Protection Regulation (GDPR) became law in 2016. The EU has given enterprises 2 years to become compliant. So from the 25th May 2018, if a company is not compliant with the new legislation, it can cost them up to 4% of global turnover or €20 million (whichever is greater). Businesses that don’t have their data in order or fail to notify the authorities of a breach can be fined 2% of their global turnover or €10 million.
GDPR not only applies to organisations located within the EU, but also organisations outside of the EU, if they do business in the EU.
IMPORTANT! The UK government has confirmed that after Brexit most of the GDPR legislation will be carried over into UK law.
• One set of rules for everyone
GDPR is a regulation, not a directive. Regulations become an immediately enforceable law in all EU countries, while in directives a chosen goal has to be achieved, but it is up to the member states to decide how they reach that objective.
• Fines are higher
• The request of consent must be easily accessible
It must be written in plain language, and it has to be as easy to withdraw consent as it is to give it. This means hidden clauses in Terms & Conditions, silence or inactivity do not mean that the person gave consent.
• Breaches must be reported no later than 72 hours
Once aware, data processors have to make data controllers aware of a breach right away.
• Data subjects have the right to ask for information
They can ask if, when, where and for what purpose their data is processed. They can also ask for a copy of all the personal data a company holds on them, free of charge.
Don’t give hackers the chance to intrude into your customers’ systems. With Avast Business Endpoint Protection solutions, your customers’ business and data are safe from ransomware, viruses and malware from their email and file servers.
Secure your whole enterprise with Becrypt. Encryption is not required under GDPR but it secures your data and makes it harder for hackers or third parties to access it. From an insider threat to losing a device, Becrypt has a way of securing all your data with their solutions.
Part of the new legislation will be the Right to be Forgotten for data subjects. This means if someone asks to be forgotten by your company, you need to delete all of their data from your systems. Blancco’s Erasure solutions make sure that no trace of the data is left on your systems.
This is also helpful when old business equipment is sold. Blancco will delete all the data on the hard drives, so you can be sure that information will not land in the wrong hands.
The need for secure remote working and remote access is higher than ever. Bomgar’s solutions will make sure that tech teams can deliver secure remote support and offer secure access to systems and third-party vendors.
Protect sensitive data in non-production environments like development, testing and reporting by masking it with Delphix Masking Engine. It replaces sensitive data with a fictitious set, so development, testing and reporting of applications can still be done, but the important data is safe from breaches and hackers.
Even though businesses have security in place, we still hear reports about new breaches almost every day that will cost companies a lot of money once GDPR applies.
Flexera’s Software Vulnerability Manager empowers IT Security and Operations with intelligence to continuously track, identify and remediate vulnerable applications — before exploitation leads to costly breaches.
FlexNet Code Aware is an automated open source risk assessment and package discovery solution that enables users to quickly scan their products for security and intellectual property (IP) compliance risk.
Data transfer is part of every business nowadays, but under GDPR, breaches of this data can cost enterprises a lot of money. Data transfers are always a risk, but in a global economy data has to be shared between offices and employees all over the world. Globalscape makes sure that your data transfers are secure and no third party has access to them.
IDERA SQL Security Suite helps with compliance and security. Compliance Manager gives you an overview of who did what, when, where and how to sensitive data as well as tracking, detecting and alerting on suspicious activities. SQL Secure identifies vulnerabilities in the server environment, helps you manage security policies and rank security levels with security report cards.
Having security in place for all circumstances is one of the first steps to comply with GDPR law. ManageEngine offers a variety of security solutions to make your customer's IT environment secure.
Not just securing the data, but also having a system in place for auditing and compliance will be part of the new legislation. If a breach occurs and there isn’t enough proof that auditing was in place, the fines will be higher. Authorities also have the right to do checks to see if businesses comply with GDPR. Bolster the security of your Windows server environment. Quest’s security and compliance automated solutions provide real-time visibility into administrator and user activities, plus report on server configurations and user permissions.
Complement your governance, risk and compliance initiatives with solutions that help users achieve and prove compliance, and streamline administration for complex, growing environments.
Help your customers protect their business from breaches and hacks with the ThreatTrack solutions for Internet, Email and Servers. Protecting every part of the system gives hackers fewer opportunities to enter the system and extract important customer information, which could cost your customers up to £20 million or 4% of their annual global turnover (whichever is greater) under GDPR law.
GDPR will apply to big enterprises as well as small businesses. SolarWinds Log & Event Manager is the perfect solution for small security departments. It analyses activities in real time to identify possible attacks. It collects, consolidates and analyses logs and events from relevant applications and devices and blocks and quarantines malicious and suspicious activities. It helps audit the trail of access, so the company can understand who accessed which data at what time.