General Data Protection Regulation (GDPR)

Simplified GDPR compliance for Microsoft environments

Effective May 25, 2018, the General Data Protection Regulation (GDPR) will require organizations to strengthen data protection and security measures to protect the personally identifiable information (PII) of EU citizens. More specifically, organizations must ensure only people who should have access to PII have that access. Also, reasonable measures must be in place to protect data from unauthorized access as well as prove accountability of those accessing it.

GDPR impacts all organizations, in all industries and regions — even those outside the EU that collect and store personal information of EU citizens. GDPR also poses major challenges, including:

  • The need for continuous compliance and auditing — Organizations must be able to demonstrate compliance at any time.
  • Mandatory data breach notifications — In the event of a breach, organizations must notify the local Data Protection Authority (DPA) and all affected customers within 72 hours, or risk heavy fines and reputation damage.

How to prepare for GDPR compliance

Capabilities

Don’t be the first bad headline after GDPR takes effect — start preparing now by improving your security posture and strengthening data protection safeguards across your on-premises, cloud and hybrid Microsoft environment. Doing so can help you achieve and maintain GDPR compliance and avoid costly fines and reputation damage. With Quest solutions, you’ll be able to continually assess, monitor and control your environment so you can stay more productive, secure and compliant with GDPR.

Discover and assess

Discover who has access to your unstructured personal data that may exist across Windows file servers, NAS devices, SQL Server, Office 365, Active Directory (AD) and more. Identify users with inappropriate access to reduce the risk of data breaches by evaluating and reporting on existing security policies, system configuration settings and privileged access rights. Assess the current state of critical IT assets such as users, computer and group information, direct and nested group memberships, OU and file/folder permissions, ownership and more to ensure only the right people have access.

Monitor and investigate

Simplify GDPR compliance reporting and mitigate the risk of personal data breaches with real-time auditing and in-depth forensics on all configuration, user and administrator changes across your Microsoft environment. Detect suspicious activity or unauthorized access to files or systems containing personal data and quickly determine who made what changes, when, where and what workstation/origin. Get real-time data breach alerts that notify your data protection officer and other key stakeholders immediately to avoid fines and reputation damage, and respond quickly by investigating data breaches to understand the root cause and scope of the breach. For compliance purposes, archive event log data with long-term retention and compression.

Govern and control

Strengthen internal security and governance by strictly controlling access to sensitive resources to help ensure data protection by design and by default. Securely delegate administration using a least-privilege model and enforce permission blacklisting and whitelisting in AD. Verify security policies are appropriately set and then grant, revoke or modify access to data and applications as needed.

Related items

Security and compliance
Security and compliance

Improve auditing, compliance and security with our automated solutions. Get real-time visibility, audit-ready reports and much more.

Hybrid Active Directory security and governance
Hybrid Active Directory security and governance

Complete solution for optimized hybrid Active Directory security posture.

Reporting
Reporting

Automate and improve Active Directory auditing, along with SharePoint, Linux and SQL Server security with our solutions.

Group Policy and Permissions
Group Policy and Permissions

Automate critical Group Policy tasks and manage permissions across Windows environments with solutions for managing GPOs, user/group permissions and reporting.

Windows Server
Windows Server

Make your Microsoft Windows Server environment secure, compliant and available. Elevate Microsoft Server performance with our solutions.

Active Directory
Active Directory

Our solutions for Microsoft Active Directory are a unique solution for automation and provisioning, compliance and audits, security, disaster recovery, migration and directory consolidation.

Contact Us
x

Need help? We're here for you.

Contact Us