Meeting the General Data Protection Regulation with Ground Labs
The relationship between an organisation and their customer is important, the customer must trust that the data they share with an organisation is being managed responsibly.
When an organisation is responsible for managing large quantities of their customer’s data, they must ensure that every care is taken to ensure that this data is secure. If a breach occurs and this data is lost, the company’s reputation may suffer, but more importantly, the customer loses faith in the business they once trusted. They feel cheated because the company did not exercise due care to ensure that it was safe.
“Discover – Identify personal data and where it resides”
With the new GDPR policy coming into force on the 25th of May, it is time for companies to ensure that they put effective systems in place in order to deal with any data queries they are responsible for.
When a customer calls upon an organisation to show them all of the data that the organisation is storing that belongs to them, this is called a Subject Access Request. The duty to answer this request falls upon the organisation and will be enforced under GDPR legislation. Failure to adhere to this request could result in the company being fined up 4% of their global annual turnover or €20 million, whichever sum is greater.
“Monitor – establish security controls to detect and respond to requests and data breaches”
Subject access requests can be an onerous task for businesses that do not have the correct systems in place for dealing with such an appeal. Scanning once is simply not a plan of action for any company that is looking to comply with GDPR on a long-term basis. Systems and processes need to be implemented from the CEO down to deal with GDPR, but what do you do once the data has been found?
“Remediate – giving you real-time access to take affirmative action on sensitive data”
Very few products are as effective at finding and securing sensitive data as Ground Labs with our flagship product: Enterprise Recon. Customers are using Enterprise Recon to find and remediate their stored sensitive data. The solution is pre-configured with over 200+ sensitive data types but also gives the user the ability to add their own custom data types to scan for, which is an invaluable tool when dealing with GDPR Subject Access Requests and subsequently provides a platform to fulfil the right to erasure requests.
GDPR is happening now so don’t become the next headline, get ready with Enterprise Recon.
To learn more about how we find sensitive data or would like a live product demonstration please visit www.groundlabs.com