Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

Countdown to EU's General Data Protection Regulation (GDPR)

October 10, 2017

  • Blog
  • Archive
GDPR With a little more than eight months until the GDPR becomes enforceable, the opportunity to meet the 25th May 2018 fully compliant date is rapidly disappearing. For many, the decision to delay implementing the regulation has been driven by a belief that it doesn’t apply to them, particularly if they aren’t based in the EU. We need to be conscious, though, that any organisation that holds any personal information about any EU citizen falls under the jurisdiction of the GDPR and could be subject to prosecution should that data be breached. Such data includes name, address, phone number and even the IP address used when the user visited your web site or online store. The GDPR has been furnished with some substantial teeth, with the ability to impose fines of up to 4% of global annual turnover or €10m, whichever is greater. It’s not too great a stretch to imagine that the first organisations to fall afoul of this regulation will be made examples of.
Download our GDPR tech brief and discover how to achieve GDPR compliance with BeyondTrust cybersecurity solutions. get the guide

What you should consider as the deadline approaches

Key elements to be considering as the deadline for enforcement approaches include the following:
  • If you process data for another organisation, i.e. don’t collect it directly yourself are don’t use the data yourself, you still need to be compliant. Unlike the Data Protection Directive (95/46/EC), it’s not just the collector of the data that’s liable.
  • With the GDPR personal data is defined as “any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, post on social networking websites, medical information, or a computer’s IP address.” This is extremely broad, so make sure you are aware if you collect or process any of this data whether deliberately or not.
  • Make sure that any data you do collect is covered by appropriate authorisations from the user as these have expanded substantially; simple agreements are unlikely to suffice moving forward.
  • Lastly, make sure you have processes in place to notify users of a breach when it happens. GDPR allows only 72 hours for such notification to take place.
There are, of course, many more elements to consider, and the enforcement date will be upon us before we know it. We have Christmas, Easter and many other holidays between now and 25th May 2018, and as a result there is probably little more than six working months to get ready. With the pressure we have on our organisations – our cybersecurity teams particularly – that doesn’t leave us with much time. If you haven’t looked at GDPR then we’d urge you to do so now, and if you have and think there’s still time, we’d urge you to look again.

Next steps

Best practice in personal data security can only benefit us as individuals and as organisations. Better notification and more openness in admitting we’ve been breached will help us all respond to the threats that are out there. GDPR is the first significant data protection legislation in several years; the rest of the world is watching and is likely to adopt similar protections for their own citizens. Being GDPR compliant will help prepare you for those as well. As my Grandmother used to say, “A stitch in time, saves nine.”

Get our GDPR guide

BeyondTrust has written a new guide on the objectives of the GDPR, and how BeyondTrust privileged access management and vulnerability management solutions can help. Download the guide, or contact us for a strategy briefing today!

Brian Chappell

Director, Product Management

Brian has more than 25 years of IT and cybersecurity experience in a career that has spanned niche system integrators, PC and Software vendors, and high-tech multi-nationals. He has held senior roles in both the vendor and the enterprise space in companies such as Amstrad plc, BBC Television, GlaxoSmithKline, and BeyondTrust. At BeyondTrust, Brian leads the Product Management of the flagship Password Safe product globally, ensuring the delivery of a world-class, industry-leading Privileged Password and Session Management solution. Brian can also be found speaking at conferences, authoring articles and blog posts, as well as providing expert commentary for the world press.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Webcasts | February 25, 2021

Customer Tips & Tricks: Remote Support for Android

Webcasts | February 09, 2021

Customer Webinar: Remote Support 21.1 Released!

Webcasts | February 24, 2021

Your PAM 2021 Blueprint: Securing Privileged Accounts for On-Premises and Cloud Assets

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.