The importance of data security and privacy seems obvious, especially since we hear of a data breach in the news every day. It gets more challenging as the amount of data increases along with the need to access it faster. The need to protect data is so urgent that companies should look at the lowest-hanging fruit first, such as vulnerability assessments, data discovery (know where your sensitive data is) and user access/entitlement reports. Most breaches can be prevented with proper configuration. Regulations such as GDPR will drive the enterprise space to adopt more data security technologies like Database Activity Monitoring (DAM) and Data Encryption.
Compliance and Regulations
GDPR seems to be on everyone’s mind these days, and understandably so. We strongly urge our clients to conduct a data discovery and classification project as soon as possible. Only when you know where your data is will you be best able to comply with regulations such as GDPR, NYDFS, PCI DSS, HIPAA and SOX.
GDPR Security Requirements
- Manage and implement Security Program Practices such as risk assessment, roles and responsibilities, and program effectiveness
- Document Security program – Ongoing monitoring, assessment, evaluation and reporting of security controls and activities