Saturday, February 10, 2018

One GRC Manager’s Practical Approach to GDPR Readiness

February 8, 2018 - David Lewis - Blog | Imperva
Full text of the article:
http://tinyurl.com/y7at4w6v
Quoting the introductory part of the text:
"...According to this survey, the majority of companies are slow off the mark. On top of that, companies require resources and budget to prepare for and comply with the GDPR....
- At Imperva, our readiness to meet the regulatory requirements established by the GDPR is managed by our Privacy Office. As a GRC manager on that team, I was one of several individuals tasked with reading, understanding and communicating GDPR requirements to our internal stakeholders as we developed our compliance plan.
- No doubt, your organization has a team established to work through GDPR requirements and prepare as needed. If you’re a member of that team and haven’t yet started down your own path, I’m hopeful you’ll find this a useful guide in helping jump start your project, with the ability to tailor it to your specific needs. My goal was to make it as practical as possible. And I provide timelines to give you a sense for how long each step took when I took it on. Here we go...".

Ensuring that email data is compliant with GDPR regulations

By - Nathaniel Borenstein - 8. 2. 2018 - Information Management
The full text can be found at: http://tinyurl.com/yd3yep6p
Quoting selected parts of the text:
- "More than 90 percent of cyberattacks start with email – whether it’s from customers, partners or colleagues, organizations collect hundreds, if not thousands, of emails that contain personal information every day.
- Considering the current cybersecurity landscape, none of that data is safe – even your deleted files. And all of it is vulnerable to attack, which ups the risk for getting hit with noncompliance penalties.
- So, how can your business ward off hefty fines and ensure compliance? For starters, make archiving an essential part of your compliance plans.
Make archiving an essential part of your compliance plans.
When GDPR goes into effect, organizations will need quick and easy access to their email – both current and historical files. This includes trashed and archived emails, which aren’t always simple to find....
Consider the chains of custody
Audit trails, referred to as “chains of custody” by some, are an essential piece of the puzzle when it comes to rounding out your archiving solution....
Determine who holds the keys to the castle
In a time crunch and can’t access the files you need to? Archiving solutions should make it simple for users to approve (and disapprove) who has the ability to directly access and recall specific files....
Leap to the cloud
Has your team moved to a cloud-based solution yet? If the answer’s no, you’re not alone, but you may soon be. Cloud adoption is up – and archiving is becoming a popular use case. Today, utilizing the cloud for archiving solutions saves the budget and your employees time....
Make teamwork a priority
Think the IT team is responsible for archiving? Think again. Everyone in the organization, from the C-level down, should be involved in the process. Teams must work together to define each of the different files that are being archived, and determine their sensitivity and retention period to develop the best protection plan. Without this collaboration, there’s a good chance files will go “missing.” And getting them back will require extensive resources – time and money – to recover....".

Friday, February 2, 2018

Počítač pro každého - The New Personal Data Protection

If you subscribe to the magazine Počítač pro každého, don't miss the detailed article on GDPR in issue 4/18. In 3 pages you will get a clear overview of GDPR, with due regard to the IT/IS perspective. The magazine is available at every newsstand.