General Data Protection Regulation
The General Data Protection Regulation (GDPR) requires organizations handling personal data of European Union citizens to ensure that this data is secure. GDPR requires organizations to regularly evaluate the process of personal data collection and the effectiveness of security practices, and to provide documented evidence of compliance.
SQ1Shield will help you detect threats, incidents and personal data breaches, monitor data security, and provide documentation with evidence for compliance. It will help perform risk assessments on the networks that handle personal data while performing data protection impact assessments, so that you can respond to the risks swiftly.
Be Secure. Be Compliant.
Customized assessments of IT Landscape (on-premise network & cloud), to identify security controls that are necessary to meet GDPR Compliance
Identify assets that handle personal data and perform data flow analysis
SQ1Shield identifies data breaches and helps you report the breaches
Locate gaps that exist between your current security posture and the requirements
SQ1Shield helps you confront your GDPR compliance gaps so that risks can be prioritized and addressed
SQ1Shield built-in GDPR reports help you report easily on privacy and security controls
Customize the reports to meet your business requirements and stay Compliant
SQ1Shield & GDPR – Fulfil Compliance requirement with SQ1Shield
Article & Article Title | Management Activities | SQ1Shield Coverage |
---|---|---|
24 Responsibility of the Controller | Demonstrate continuous compliance and/or accountability | Monitors for indicators of malware-based compromise, such as communication to a known Command & Control (C&C) server. Monitors successful and failed logon attempts to external applications through Azure Active Directory. Monitors user and administrator activities, including access and modification of files and content, in cloud applications. |
25 Data protection by design and by default | Integrate Privacy by Design into systems | File Integrity Monitoring can detect modification attempts to applications or online storage containing personal data. |
28 Processor | Maintain data privacy requirements for third parties (e.g., clients, vendors, processors, affiliates) | Vendor Data Privacy Assessment – Perform vendor data privacy impact assessment and monitor the risks in vendors that have access to personal data. Perform vulnerability assessment on the vendor network and remediate. |
32 Security of processing | Integrate data privacy into an information security policy | Perform risk assessment and monitor the risk of systems that have access to personal data. |
33 Notification of a personal data breach to the supervisory authority | Maintain a log to track data privacy incidents/breaches | Automated Incident Response – Correlates events to detect threats. Security orchestration and automated response capabilities enable rapid response to incidents. Automated ticket generation and integration with other tools ensure guided threat response. |
34 Communication of a personal data breach to the data subject | Maintain a data privacy incident/breach response plan | SQ1Shield enables monitoring and review of alarms, events, and reports. Built-in notification capabilities enable analysts to be alerted to alarms through email and SMS. |
35 Data protection impact assessment | Conduct PIAs/DPIAs for new programs, systems, processes | Data Privacy Impact Assessment – Perform data privacy impact assessment and monitor the risks in networks that have access to personal data. |