Unstructured Data – A Blind Spot for GDPR Compliance
- LANGUAGE: English DATE: Thursday, September 21, 2017 TIME: 4:00pm CEST, 10:00am ET, 7:00am PT
While many (but not enough) organizations have finally begun preparing for GDPR compliance, there are still important steps to take. When in May 2018 the upcoming EU GDPR (General Data Protection Regulation) comes into force, the requirements for managing personal data will change.
GDPR will apply to all types of systems where personal data resides. That goes beyond traditional database, CRM or Identity Management systems: Emails, spreadsheets and text documents, PDFs and images, web pages and data collected from social media are only a few examples, and they are everywhere in the organization. All of this might and will contain PII (personally identifiable information), including systems like Microsoft Exchange, Office365, SharePoint, Skype, OneDrive, local folders or IMAP-accounts.
Achieving compliance requires an adequate approach for data governance, but many organizations do not have a data governance program in place. Applying data governance to unstructured data is an even bigger challenge, as technologies are not prepared to handle the data-centric approach to the upcoming EU regulation.
Extending the reach of your GDPR compliance efforts to cover unstructured data as well will be essential. Get to know what will be required to define and implement processes and technologies to comply with GDPR requirements for PII in all data islands containing unstructured data.
In this webinar, you learn more about:
- What and where your unstructured data islands are
- If personal data is stored in these data islands and in which formats
- Who the data owners are
- Who defines access to this data and reviews the content with respect to the GDPR requirements
In the first part of this webinar Matthias Reinwarth, Senior Analyst with KuppingerCole will give an overview of the GDPR requirements for unstructured data and the necessity for integrating unstructured data into an overall approach to take to ensure compliance with GDPR.
In the second part Jonathan Sander, Chief Technology Officer (CTO) at STEALTHbits Technologies, will cover finding and assigning data owners for unstructured, sensitive data. And, how to enforce a least privilege model to your unstructured data.
STEALTHbits Technologies is a cybersecurity software company focused on protecting an organization’s credentials and data. By removing inappropriate data access, enforcing security policy, and detecting advanced threats, we reduce security risk, fulfill compliance requirements and decrease operations expense.
There is growing interest in deception as a methodology and as an integral part of cybersecurity architecture, as organizations seek more effective approaches for detecting and responding to threats in real time. Distributed Deception Platforms have made this approach practical and affordable for the first time, but choosing the right solution can be challenging.