Get Your Enterprise Ready for GDPR
A Privileged Account Security Checklist for Securing Personal Data

The General Data Protection Regulation (GDPR) includes four fundamentals related to Privileged Account Management for securing and protecting personal data:

1. Protecting access
2. Responding rapidly to a breach
3. Assessing risk to personal data
4. Demonstrating compliance

Operational control over who has access to personal data is at the heart of complying with the GDPR, and this requires a strong Privileged Account Management strategy.

This practical checklist will help you evaluate not only your ability to avoid financial penalties and liability associated with GDPR, but also implement a stronger enterprise security posture moving forward, better protecting all your valuable corporate data, your customer relationships, and your brand and business partnerships.

In protecting access to personal data, do you:
(Answer for each item: “Need to do better” or “We’re good”)

- Manage accounts by the “least privilege principle,” e.g., use admin accounts for administrative tasks only? Delegate only those permissions needed for a user to do his/her job?
- Segregate accounts used to manage domain controllers, servers and workstations?
- Remove plain-text application credentials, such as embedded passwords and locally stored SSH keys?
- Automatically select and rotate unique passwords for all admin accounts?
- Use a password vault which automatically enforces strong password policies?
- Enforce multi-factor authentication for users to access credentials in the vault?
- Force all privileged sessions through a secure jump server?
- Isolate administrative access to personal data from Internet-connected workstations?
- Restrict application accounts to “least privilege”, e.g. not allow applications to have domain administrator privileges?

Prior to and in responding to a breach, can you:
(Answer for each item: “Need to do better” or “We’re good”)

- Detect the misuse of credentials leading to a breach of personal data early in the attack lifecycle?
- Perform live monitoring and recording of user activity during privileged sessions?
- Detect credential theft—for example, by monitoring administrative activities associated with a password vault?
- Isolate privileged sessions, especially those originating from outside the network and from unmanaged devices, e.g. third parties?
- Account for who accessed what personal data on which systems when, including third party accounts who process personal data for you?
- Identify all locations of malware that may have been used to facilitate the breach?
Gartner predicts that by the end of 2018, more than 50% of companies affected by the GDPR will not be in full compliance with its requirements.[1]

[1] Gartner Press Release, “Gartner Says Organizations Are Unprepared for the 2018 European Data Protection Regulation”, May 3, 2017. http://www.gartner.com/newsroom/id/3701117
All rights reserved. No portion of this publication may be reproduced in any form or by any means without the express written consent of CyberArk Software. CyberArk®, the CyberArk logo and other trade or service names appearing above are registered trademarks (or trademarks) of CyberArk Software in the U.S. and other jurisdictions. Any other trade and service names are the property of their respective owners. U.S., 6.17. Doc # 165
CyberArk believes the information in this document is accurate as of its publication date. The information is provided without any express, statutory, or implied warranties
and is subject to change without notice.
In assessing risk to your personal data, do you regularly:
(Answer for each item: “Need to do better” or “We’re good”)

- Exercise regular discovery processes to identify privileged accounts and credentials, including passwords and SSH keys?
- Map trust relationships between accounts and systems that have access to personal data?
- Limit the proliferation of administrative accounts by minimizing the use of personal privileged accounts?
- Conduct “ethical hacking” attacks to determine areas of privileged access vulnerability?
- Look for signs of suspicious lateral movement or privilege escalation in real time?
- Leverage behavioral analytics to detect suspicious user and account activity that could indicate a compromised privileged account?
- Evaluate the processes for securely adding new users and assets to the system and de-provisioning obsolete ones?
To demonstrate GDPR compliance, can you:
(Answer for each item: “Need to do better” or “We’re good”)

- Provide audit logs of who and what (e.g. applications) accessed personal data, including third party access to personal data?
- Enforce access controls to ensure that only the right users are able to access – or request access to – authorized credentials?
- Monitor access to privileged accounts and require users to “check-out” shared account credentials to establish individual accountability?
- Quickly and easily generate reports that verify you have privileged account controls in place?
- Automatically and regularly scan the network to identify accounts needing better protection, and show the reduction in vulnerable accounts?
- Provide tamper-proof audit logs and session recordings to demonstrate audit integrity?
- Assess environmental risks and distinguish between normal and abnormal behavior?
- Define high-risk activity and alert the necessary incident response teams?
- Conduct impact assessments to measure the effectiveness of security controls you have in place?
CyberArk Privileged Account Security provides end-to-end proactive protection, continuous monitoring and threat
detection for privileged accounts that have access to the systems containing personal data, whether by the
controllers who collect it or their partners who process it. The CyberArk solution is proven to scale in complex
environments, and can easily encompass new users, applications and systems using a distributed architecture
inside the network. Taking a proactive approach to privileged access and GDPR compliance limits your risks of
fines and liability, as well as provides strategic business benefits from a stronger security posture.
To learn how to address improvements in areas identified in the checklist, contact your sales representative or visit
us at www.cyberark.com/GDPR and see how CyberArk can help your organization.

STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...
sameer shah
 
Natural Language Processing (NLP), RAG and its applications .pptx
Natural Language Processing (NLP), RAG and its applications .pptxNatural Language Processing (NLP), RAG and its applications .pptx
Natural Language Processing (NLP), RAG and its applications .pptx
fkyes25
 
My burning issue is homelessness K.C.M.O.
My burning issue is homelessness K.C.M.O.My burning issue is homelessness K.C.M.O.
My burning issue is homelessness K.C.M.O.
rwarrenll
 
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
dwreak4tg
 

Recently uploaded (20)

University of New South Wales degree offer diploma Transcript
University of New South Wales degree offer diploma TranscriptUniversity of New South Wales degree offer diploma Transcript
University of New South Wales degree offer diploma Transcript
 
一比一原版(UIUC毕业证)伊利诺伊大学|厄巴纳-香槟分校毕业证如何办理
一比一原版(UIUC毕业证)伊利诺伊大学|厄巴纳-香槟分校毕业证如何办理一比一原版(UIUC毕业证)伊利诺伊大学|厄巴纳-香槟分校毕业证如何办理
一比一原版(UIUC毕业证)伊利诺伊大学|厄巴纳-香槟分校毕业证如何办理
 
Everything you wanted to know about LIHTC
Everything you wanted to know about LIHTCEverything you wanted to know about LIHTC
Everything you wanted to know about LIHTC
 
一比一原版(牛布毕业证书)牛津布鲁克斯大学毕业证如何办理
一比一原版(牛布毕业证书)牛津布鲁克斯大学毕业证如何办理一比一原版(牛布毕业证书)牛津布鲁克斯大学毕业证如何办理
一比一原版(牛布毕业证书)牛津布鲁克斯大学毕业证如何办理
 
Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...
Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...
Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...
 
Predictably Improve Your B2B Tech Company's Performance by Leveraging Data
Predictably Improve Your B2B Tech Company's Performance by Leveraging DataPredictably Improve Your B2B Tech Company's Performance by Leveraging Data
Predictably Improve Your B2B Tech Company's Performance by Leveraging Data
 
一比一原版(Chester毕业证书)切斯特大学毕业证如何办理
一比一原版(Chester毕业证书)切斯特大学毕业证如何办理一比一原版(Chester毕业证书)切斯特大学毕业证如何办理
一比一原版(Chester毕业证书)切斯特大学毕业证如何办理
 
The Ipsos - AI - Monitor 2024 Report.pdf
The  Ipsos - AI - Monitor 2024 Report.pdfThe  Ipsos - AI - Monitor 2024 Report.pdf
The Ipsos - AI - Monitor 2024 Report.pdf
 
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
一比一原版(Coventry毕业证书)考文垂大学毕业证如何办理
 
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)爱丁堡大学毕业证如何办理
 
一比一原版(UofS毕业证书)萨省大学毕业证如何办理
一比一原版(UofS毕业证书)萨省大学毕业证如何办理一比一原版(UofS毕业证书)萨省大学毕业证如何办理
一比一原版(UofS毕业证书)萨省大学毕业证如何办理
 
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
 
在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样
在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样
在线办理(英国UCA毕业证书)创意艺术大学毕业证在读证明一模一样
 
4th Modern Marketing Reckoner by MMA Global India & Group M: 60+ experts on W...
4th Modern Marketing Reckoner by MMA Global India & Group M: 60+ experts on W...4th Modern Marketing Reckoner by MMA Global India & Group M: 60+ experts on W...
4th Modern Marketing Reckoner by MMA Global India & Group M: 60+ experts on W...
 
End-to-end pipeline agility - Berlin Buzzwords 2024
End-to-end pipeline agility - Berlin Buzzwords 2024End-to-end pipeline agility - Berlin Buzzwords 2024
End-to-end pipeline agility - Berlin Buzzwords 2024
 
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Dat...
 
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...
STATATHON: Unleashing the Power of Statistics in a 48-Hour Knowledge Extravag...
 
Natural Language Processing (NLP), RAG and its applications .pptx
Natural Language Processing (NLP), RAG and its applications .pptxNatural Language Processing (NLP), RAG and its applications .pptx
Natural Language Processing (NLP), RAG and its applications .pptx
 
My burning issue is homelessness K.C.M.O.
My burning issue is homelessness K.C.M.O.My burning issue is homelessness K.C.M.O.
My burning issue is homelessness K.C.M.O.
 
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
一比一原版(BCU毕业证书)伯明翰城市大学毕业证如何办理
 

Get your Enterprise Ready for GDPR

  • 1. Get Your Enterprise Ready for GDPR
    A Privileged Account Security Checklist for Securing Personal Data

    The General Data Protection Regulation (GDPR) includes four fundamentals related to Privileged Account Management for securing and protecting personal data:
      1. Protecting access
      2. Responding rapidly to a breach
      3. Assessing risk to personal data
      4. Demonstrating compliance

    Operational control over who has access to personal data is at the heart of complying with the GDPR, and this requires a strong Privileged Account Management strategy. This practical checklist will help you not only evaluate your ability to avoid financial penalties and liability associated with GDPR, but also implement a stronger enterprise security posture moving forward, better protecting all your valuable corporate data, your customer relationships, and your brand and business partnerships.

    GARTNER PREDICTS THAT BY THE END OF 2018, MORE THAN 50% OF COMPANIES AFFECTED BY THE GDPR WILL NOT BE IN FULL COMPLIANCE WITH ITS REQUIREMENTS. [1]

    [1] Gartner Press Release, “Gartner Says Organizations Are Unprepared for the 2018 European Data Protection Regulation”, May 3, 2017. http://www.gartner.com/newsroom/id/3701117

    In protecting access to personal data, do you:
    (Need to do better / We’re good)
      - Manage accounts by the “least privilege principle,” e.g., use admin accounts for administrative tasks only? Delegate only those permissions needed for a user to do his/her job?
      - Segregate accounts used to manage domain controllers, servers and workstations?
      - Remove plain-text application credentials, such as embedded passwords and locally stored SSH keys?
      - Automatically select and rotate unique passwords for all admin accounts?
      - Use a password vault which automatically enforces strong password policies?
      - Enforce multi-factor authentication for users to access credentials in the vault?
      - Force all privileged sessions through a secure jump server?
      - Isolate administrative access to personal data from Internet-connected workstations?
      - Restrict application accounts to “least privilege”, e.g. not allow applications to have domain administrator privileges?

    Prior to and in responding to a breach, can you:
    (Need to do better / We’re good)
      - Detect the misuse of credentials leading to a breach of personal data early in the attack lifecycle?
      - Perform live monitoring and recording of user activity during privileged sessions?
      - Detect credential theft—for example, by monitoring administrative activities associated with a password vault?
      - Isolate privileged sessions, especially those originating from outside the network and from unmanaged devices, e.g. third parties?
      - Account for who accessed what personal data on which systems when, including third party accounts who process personal data for you?
      - Identify all locations of malware that may have been used to facilitate the breach?

  • 2. In assessing risk to your personal data, do you regularly:
    (Need to do better / We’re good)
      - Exercise regular discovery processes to identify privileged accounts and credentials, including passwords and SSH keys?
      - Map trust relationships between accounts and systems that have access to personal data?
      - Limit the proliferation of administrative accounts by minimizing the use of personal privileged accounts?
      - Conduct “ethical hacking” attacks to determine areas of privileged access vulnerability?
      - Look for signs of suspicious lateral movement or privilege escalation in real time?
      - Leverage behavioral analytics to detect suspicious user and account activity that could indicate a compromised privileged account?
      - Evaluate the processes for securely adding new users and assets to the system and de-provisioning obsolete ones?

    To demonstrate GDPR compliance, can you:
    (Need to do better / We’re good)
      - Provide audit logs of who and what (e.g. applications) accessed personal data, including third party access to personal data?
      - Enforce access controls to ensure that only the right users are able to access – or request access to – authorized credentials?
      - Monitor access to privileged accounts and require users to “check-out” shared account credentials to establish individual accountability?
      - Quickly and easily generate reports that verify you have privileged account controls in place?
      - Automatically and regularly scan the network to identify accounts needing better protection, and show the reduction in vulnerable accounts?
      - Provide tamper-proof audit logs and session recordings to demonstrate audit integrity?
      - Assess environmental risks and distinguish between normal and abnormal behavior?
      - Define high-risk activity and alert the necessary incident response teams?
      - Conduct impact assessments to measure the effectiveness of security controls you have in place?

    CyberArk Privileged Account Security provides end-to-end proactive protection, continuous monitoring and threat detection for privileged accounts that have access to the systems containing personal data, whether by the controllers who collect it or their partners who process it. The CyberArk solution is proven to scale in complex environments, and can easily encompass new users, applications and systems using a distributed architecture inside the network.

    Taking a proactive approach to privileged access and GDPR compliance limits your risks of fines and liability, as well as provides strategic business benefits from a stronger security posture. To learn how to address improvements in areas identified in the checklist, contact your sales representative or visit us at www.cyberark.com/GDPR and see how CyberArk can help your organization.

    All rights reserved. No portion of this publication may be reproduced in any form or by any means without the express written consent of CyberArk Software. CyberArk®, the CyberArk logo and other trade or service names appearing above are registered trademarks (or trademarks) of CyberArk Software in the U.S. and other jurisdictions. Any other trade and service names are the property of their respective owners. U.S., 6.17. Doc # 165

    CyberArk believes the information in this document is accurate as of its publication date. The information is provided without any express, statutory, or implied warranties and is subject to change without notice.