GDPR through the eyes of NSS

In order to identify the last time the European parliament passed a law that protects and ensures the protection and privacy of Europeans citizens personal data, we will have to go back in time to 1995. We are referring, of course, to the European Data Protection Directive 95/46 / EC.

But from May 2018 –and that is just one year from now- the new European General Data Protection Regulation (GDPR)will be fully implemented to replace and modernize the legislation. After four years of preparation and public debate, on 14th of April 2016, the European Parliament voted and passed the new European General Data Protection Regulation (GDPR). The new regulation will be directly applicable in all member states of the European Union and will replace the European Data Protection Directive 95/46 / EC.

The aim of the new regulation is to modernize the current legislation and harmonize data protection laws across all European countries. The new European General Data Protection Regulation (GDPR) will ensure the protection and is going to enhance the privacy of the EU citizens by reshaping the way companies and organizations approach private data.

The law is designed to protect all European citizens from violations of privacy and from personal data breaches, in a world that is increasingly guided by data. This world today, is very different from the world existed in 1995, when the European Directive 95/46 / EC was created. Another aspect of the European regulation is to give citizens greater control of their data and make it more easily accessible to them.

In addition, one of the requirements of the new regulation is to facilitate the deletion and portability of data.

Therefore, if somebody wants to completely delete or transfer personal data from one provider or carrier to another, then this is something that should be done seamlessly and safely.

The benefits of the new regulation for the European citizens are many. European citizens now have the right to be forgotten and their explicit consent for the processing of their personal data is absolutely needed. The new regulation ensures easier access to their data, and secures data portability and also gives European citizens greater knowledge of how their data are treated. All of the above, have a major impact on businesses, which should be prepared and ensure their compliance with the new regulation. Businesses need to analyze and know what kind of data they collect and manage, where the data is stored, and last but not least they have request from the users to consent to whether they want their data to be shared with third parties or not.

Also, any organization with more than 250 employees must have a Data Protection Officer (DPO) who should be responsible for the compliance of the organization with the new general regulation. Another requirement is that in a case of data loss or data breach, the organization must immediately inform both shareholders and citizens within 72 hours about the loss or the breach. Therefore, every organization should be prepared to be able to provide the necessary documentation and every single detail about the data loss and/or the data breach. Citizens will also be able to request their data, and companies and organizations should be able to provide them with a digital copy of the data and/or delete them directly, but most importantly companies and organizations should be able to guarantee personal data safety.

NSS is ready. Are you;

The new general European regulation affects practically all businesses and organizations irrespectively of the sector in which they operate and in general makes personal data protection their own responsibility while requiring full compliance by 25 May 2018.

As it is well known, most data violations are performed using hacking techniques, malware and/or ransomware or exploiting privileged credentials, employees’ mistakes or omissions or using a stolen or lost portable corporate device, and so on.

NSS, a well-known IT solutions Value Added Distributor with an expertise in Information Security and Networking, in collaboration with partners like Sophos, GlobalSign, Sealpath, iboss, SEP and Logpoint among others is fully compliant and absolutely ready to meet the challenge that the European General Data Protection Regulation brings. NSS and its broad channel of selected partners, can ensure that your company or organization harmonizes and complies with the many changes the new regulation brings to regulatory policies.

Sophos, a world leader in information security, can help you successfully defend against all causes of data loss. With Sophos products, all devices can be protected and your data will remain safe in the event of loss or theft, while keeping malicious malware and ransomware away. Your data is protected by products such as Sophos XG Firewall that ensures perimeter security and Sophos Intercept X that guaranties the safety of your terminals.

Sophos can counteract attacks aimed at stealing your data by supporting automated encryption mechanisms or prohibiting the transmission of sensitive data via e-mail. The new regulation requires organizations and companies to guarantee the security of personal data and encryption is the only way to ensure that. Sophos has the most complete encryption solution, Sophos Safeguard. Sophos Safeguard protects your data on any platform without slowing down users.

Learn more

The first, and possibly the most critical step in implementing and activating effective defense against data theft and any kind of attack coming from outside and malicious users within your business network, is to protect the privileged accounts of all your terminals, installations, servers or cloud infrastructures. Beyond Trust is a leader in the global marketplace providing businesses with security solutions against cyber-attacks that exploit privileged credentials and accounts with special access rights, targeting the theft or the destruction of critical corporate assets. The three pillars of Beyond Trust Privileged Account Security solutions (Privileged Password Management, Endpoint Privilege Management & Secure Remote Access), compose the most complete alternative for securing privileged accounts and ensuring business productivity with fully integrated solution unique in the market.

Learn more

Advancements in web applications have changed the way we do business and access and share information. Many businesses have shifted most of their operations online so employees from remote offices and business partners from different countries can share sensitive data in real time and collaborate towards a common goal. Invicti Security is a leader in Application Security Testing. Invicti Security vulnerability assessment & management solutions are designed to be a part of any enterprise environment by providing multiple integrations as well as options to integrate within custom contexts. Invicti Security tools can enable you to protect yourself against common threats, performing mock attacks in a safe way, shows you how a malicious hacker could potentially access your systems, and explains how you can prevent real attacks.

Learn more

Globalsign is a leading company in providing reliable digital SSL certificates as well as providing secure technology for data portability, for authenticating identities, for websites and transactions worldwide since 1996. With GlobalSign, you can guarantee to your customers and users visiting your website, that all electronic transactions are secured and protected with the highest SSL level (eg with Extended Validation SSL). Besides certificates, GlobalSign also provides a range of Digital Signature services or PersonalSign Certificates (Digital IDs issued to people or departments) with varying trust levels. Digital IDs can be used also to add digital signatures to Microsoft Office and other documents to protect the document’s integrity and provide assurances of authorship to recipients. That way, a recipient is ensured that an author’s identity is verified by a trusted organization and that the contents of a document hasn’t changed. Finally, through a series of Globalsign Enterprise Solutions, a large company or organization can reduce management, costs and time associated with Enterprise SSL, Managed PKI, Trusted Root CA Signing, Customer Identity and Access Management, a.)

Learn more

Every day businesses create more and more data. Data gets saved, employees move on, data is forgotten and lost. Valuable information that are sitting on the file servers and document stores, are not protected and are sometimes unrecoverable because no one knows where to find it. By classifying data businesses can retrieve more easily and identify more accurately the data that need to be protected. Data classification can reduce the risk of costly data leakage and increase the business efficiency. Data classification will help to regain control over all unstructured data. With Boldon James Classifier tools and the Automatic Classification platform Classifier360, the proper data classification approach can be selected, whether it be automatic classification, user-driven classification or a blend of classification techniques so that users are supported by the software with their classification decisions. By involving users in data classification, they will automatically become more data-aware, with a greater understanding of the company policies and the value of the organisation’s data.

Learn more 

SealPath provides an excellent IRM / Rights Rights Management Solution that can protect your documents and files wherever they are, while allowing easy and secure sharing of the them with others. With SealPath solution, you have full control of your document’s rights in real time, even after sharing it within or outside of your business network. Your documents are protected wherever they are, since you can change the rights of a document even if it has been sent or forwarded to someone else via e-mail, online storage system or has been shared with any type of removable storage medium. In addition, you have the ability to set restrictions on what can be done with your documents, and you can track who and when accessed your data with full reporting and statistics. Sealpath systems can work together with Data Classification systems, making it virtually impossible to leak sensitive information. With Sealpath you can protect any kind of file or document, such as Microsoft Word, Excel, PowerPoint, Adobe PDF, AutoCAD, image files, and so on.

Learn more 

Your first concern in protecting your business data from cyber-attacks is to control network violations and manage data loss. Secure Web Gateway & MDM has over 80 patents and advanced features for unparalleled protection against advanced polymorphic threats designed to avoid signature-based detection. The iboss Secure Web Gateway Platform that operates locally or in the cloud is able to identify high-risk systems and users, and is also able to quarantine them in order to stop the spread of possible infection, to provide alerts of the issue that has appeared, and to activate countermeasures. The unique detection mechanism of the iboss Secure Web Gateway Platform, can detect even the most complex malware even if the malware has already passed through your sandbox defense. The FICO Cyber ​​Score subsystem embedded in iboss, utilizes behavioral analytics technology to minimize data loss.

Learn more

With the enforcement of the Regulation, it is vital for every organization and company to be able to provide detailed documentation in case of data breaches. This requires new security policies and new data protection policies, as well as new roles and responsibilities within the organization, while also calling for the use of new effective tools, such as Logpoint’s leading Security Information and Event Management (SIEM) technology. LogPoint system allows businesses and organizations to proactively monitor their networks and detect security threats in real-time and therefore prevents cyber attacks by meeting any compliance requirements, as in the case of the new regulation.

Learn more

One of the key aspects of the regulation is that it requires companies to have a specific plan to deal with security breaches and data loss. This calls for the use of multi-level backup systems that can ensure the integrity of the data, in the event of any recovery that needs to take place form of lack of availability, loss or destruction. The SEP Sesam Backup System offers a large portfolio of real-time enterprise-class backup solutions and protection tools for applications, groupware and databases for all operating systems, covering a range of technologies such as SAP, Microsoft Exchange, Groupwise, Lotus Domino, IMAP, openLDAP, Microsoft SharePoint, VMWare, HyperV, XEN, Oracle, MS SQL, IBM DB2, Informix, SAP R/3, etc.

Learn more