General Data Protection Regulation (GDPR)
Simplify GDPR compliance with Microsoft platform, endpoint and data management The General Data Protection Regulation (GDPR) requires organizations to strengthen data protection and security measures to protect the personally identifiable information (PII) of EU citizens. More specifically, organizations must ensure only people who should have access to PII have that access. Also, reasonable measures must be in place to protect data from unauthorized access as well as prove accountability of those accessing it.
GDPR impacts all organizations, in all industries and regions — even those outside the EU that collect and store personal information of EU citizens. GDPR also poses major challenges for organizations in regards to compliance and auditing and the requirement for data breach notifications. Organizations need continuous compliance and auditing to be able to demonstrate compliance at any time. Furthermore, in the event of a breach, organizations must notify the local Data Protection Authority (DPA) and all affected customers within 72 hours, or risk heavy fines and reputation damage.
Capabilities
Improve the security of your Microsoft environment and endpoint devices, and strengthen data protection safeguards. Doing so can help you achieve and maintain GDPR compliance and avoid costly fines and reputation damage. With Quest solutions, you’ll be able to continually assess, monitor and control your environment so you can stay more productive, secure and GDPR-compliant.
Discover and assess
Reduce the risk of data breaches by discovering and classifying sensitive data across SharePoint and Office 365. Ensure that users have appropriate access to any unstructured personal data that may exist across Windows file servers, NAS devices, SQL Server, Active Directory (AD) and more.
Scan your entire network to identify connected devices and provide a detailed hardware and software inventory, including non-computer devices, such as networking gear, printers and IP telephony. These actionable inventory reports make it easier to demonstrate compliance.
Monitor and investigate
Support GDPR compliance reporting with real-time auditing and forensics on all suspicious activity or unauthorized access to files or systems containing personal data. Data breach alerts notify your data protection officer and other stakeholders immediately so you can quickly investigate the root cause and scope of the breach. For compliance purposes, archive event log data with long-term retention and compression.
We also provide end-to-end monitoring of your physical and virtual environments. When you use a single interface for end-user, infrastructure and application performance monitoring, you can gauge the interdependencies between all three to quickly target problem resolution. This provides maximum application uptime and data availability.
Govern and control
Strengthen internal security and governance security and governance by controlling access to sensitive resources to help ensure data protection by design and by default. Securely delegate administration using a least-privilege model. Verify security policies are appropriately set and then grant, revoke or modify access to data and applications as needed.
Mitigate risks, such as accidental or unlawful destruction, loss, and alteration by implementing up-to-date security patches and software releases on servers and endpoints. Streamlining configuration and policy enforcement processes will lower these risks.