NEW: Microsoft Vulnerabilities Report 2022 - Read the Findings of Our Annual Report Read Now

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Demos
    • Glossary
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

Countdown to EU's General Data Protection Regulation (GDPR)

October 10, 2017

  • Blog
  • Archive

GDPR

With a little more than eight months until the GDPR becomes enforceable, the opportunity to meet the 25th May 2018 fully compliant date is rapidly disappearing. For many, the decision to delay implementing the regulation has been driven by a belief that it doesn’t apply to them, particularly if they aren’t based in the EU.

We need to be conscious, though, that any organisation that holds any personal information about any EU citizen falls under the jurisdiction of the GDPR and could be subject to prosecution should that data be breached. Such data includes name, address, phone number and even the IP address used when the user visited your web site or online store. The GDPR has been furnished with some substantial teeth, with the ability to impose fines of up to 4% of global annual turnover or €10m, whichever is greater. It’s not too great a stretch to imagine that the first organisations to fall afoul of this regulation will be made examples of.

Download our GDPR tech brief and discover how to achieve GDPR compliance with BeyondTrust cybersecurity solutions. get the guide

What you should consider as the deadline approaches

Key elements to be considering as the deadline for enforcement approaches include the following:

  • If you process data for another organization, i.e. don’t collect it directly yourself are don’t use the data yourself, you still need to be compliant. Unlike the Data Protection Directive (95/46/EC), it’s not just the collector of the data that’s liable.
  • With the GDPR personal data is defined as “any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, post on social networking websites, medical information, or a computer’s IP address.” This is extremely broad, so make sure you are aware if you collect or process any of this data whether deliberately or not.
  • Make sure that any data you do collect is covered by appropriate authorizations from the user as these have expanded substantially; simple agreements are unlikely to suffice moving forward.
  • Lastly, make sure you have processes in place to notify users of a breach when it happens. GDPR allows only 72 hours for such notification to take place.

There are, of course, many more elements to consider, and the enforcement date will be upon us before we know it. We have Christmas, Easter and many other holidays between now and 25th May 2018, and as a result there is probably little more than six working months to get ready. With the pressure we have on our organizations – our cybersecurity teams particularly – that doesn’t leave us with much time. If you haven’t looked at GDPR then we’d urge you to do so now, and if you have and think there’s still time, we’d urge you to look again.

Next steps

Best practice in personal data security can only benefit us as individuals and as organizations. Better notification and more openness in admitting we’ve been breached will help us all respond to the threats that are out there. GDPR is the first significant data protection legislation in several years; the rest of the world is watching and is likely to adopt similar protections for their own citizens. Being GDPR compliant will help prepare you for those as well. As my Grandmother used to say, “A stitch in time, saves nine.”

Get our GDPR guide

BeyondTrust has written a new guide on the objectives of the GDPR, and how BeyondTrust privileged access management and vulnerability management solutions can help. Download the guide, or contact us for a strategy briefing today!

Photograph of Brian Chappell

Brian Chappell, Chief Security Strategist

Brian has more than 30 years of IT and cybersecurity experience in a career that has spanned system integrators, PC and Software vendors, and high-tech multi-nationals. He has held senior roles in both the vendor and the enterprise space in companies such as Amstrad plc, BBC Television, GlaxoSmithKline, and BeyondTrust. At BeyondTrust, Brian has led Sales Engineering across EMEA and APAC, Product Management globally for Privileged Password Management, and now focuses on security strategy both internally and externally. Brian can also be found speaking at conferences, authoring articles and blog posts, as well as providing expert commentary for the world press.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Microsoft Vulnerabilities Report 2022

Whitepapers

Cybersecurity Insurance Checklist

Whitepapers

Privileged Access Management: PAM Checklist

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Podcast
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.