GDPR and visibility of data is important for compliance with this law

GDPR and visibility of data is important for compliance with this law

First big fines

GDPR celebrates the first anniversary of the law, however, there are companies that still do not spend enough time to comply with law and data visibility. For example, a giant Google has been fined EUR 50 million from the French CNIL for violating the GDPR regulations for lack of transparency in the collection of personalized advertising data and the lack of user consent. The European Union takes its role seriously, although it may seem to us that 50 million is a small fine for such a giant.

GDPR Regulations

GDPR gives companies the task of introducing technologies, processes and programs to ensure that data is always visible regardless of where these companies operate. Under real visibility, we can understand that a business knows where data is shared, how it is used, and where its data is. It goes beyond traditional security circuits and reaches up to cloud collaboration services.

Security teams face a major challenge. It is important to establish continuous data processing procedures. By implementing good technology practices, companies can better assess security risks, such as how data is shared and used, thus avoiding possible sanctions.

Possible solutions

• Storage of files under security requirements for data retention in accordance with GDPR.
• The importance of inventorying data over time so that companies know where important data is located. Manual inventorying of data is inefficient as data is rapidly evolving and changing within an organization.
• Using Data Audit to let businesses know if the data use is GDPR compliant.
• Tracking of folder exfiltration activity to ensure visibility of files that other parties can see.

It is important to have tools to help verify the operation of the data protection program. The essence is to have good processes in place to comply with GDPR laws.