Quickly adapt to the GDPR

Objective No. 1: Understanding what we have in the company, which and how many hardware components exist and we use, which and how many application software are used.
Objective n.2: Survey the archives containing personal data and information, link them to assets and keep track of their contents and characteristics.
Objective n.3: To censor hardware, software and data, but also to keep the census updated.
It is no small job: manually drawing up and updating the inventory of technological assets can become really expensive in terms of time.
For this it is possible to outsource the activity by ensuring the daily monitoring of the entry and exit of devices and software.
In particular, a managed inventory activity helps to:

• Review all physical devices in the company
• Find all software installed on company PCs / mobile devices
• Check each software installed (when it was installed, by whom, what version it is, how it interacts with other company applications)
• Collect access logs and installed software.
• Create reports that are always up to date. For example, draw up a weekly / monthly report for groups of users of installed and modified software or create automated reports on local administrators relating to computers, servers and their access

This approach allows you to analyze the level of risk in advance, starting from the analysis of the elements present in the company. Only with the support of adequate services and products can we ensure that all aspects that impact on safety meet the required requirements.

GDPR or not, backup is always an indispensable element to ensure business continuity and the protection of your data and those of your customers.
With the data protection regulation, it goes without saying that the need becomes more and more urgent. The choice to entrust the backup to an external company allows you to have more time for your business activities and to have the certainty of continuous monitoring in the hands of experts.

Specifically, a managed backup:

• it is not corrupted by other software and malicious people
• reduces the impact of any compromise of administrative and backup credentials

A managed service for endpoint security is required to ensure:

• the blocking of dangerous activities and a centralized alert for certain installation attempts
• customizable reports to detect how many computers are vulnerable to a specific security flaw and which, therefore, require the installation of the specific update
• backup and antivirus respond to an important requirement of the GDPR, namely:
  

  “The ability to ensure the confidentiality, integrity, availability and resilience of processing systems and services on a permanent basis”

In the event of adverse events (natural or man-made disasters), thanks to Disaster Recovery, a company can plan in advance all the technological and organizational measures useful for the rapid recovery of systems, data and infrastructures.
A good Business Continuity & Disaster Recovery plan responds to the guidelines of the GDPR regarding the security of treatment:

“The ability to promptly restore the availability and access of personal data in the event of a physical or technical accident”

HOW CAN THE CLOUD HELP YOU IN ADAPTING TO THE GDPR?

Today, companies must ensure adequate control over their IT infrastructure, as they are responsible for the confidentiality and availability of their data.
Choosing a qualified Cloud service manager allows you to reduce the efforts to achieve compliance thanks to suppliers who have built their services by certifying them from the design stage. In this way, it will be possible to meet the requirements of the GDPR more quickly and with reduced costs and at the same time take advantage of state-of-the-art infrastructure managed by expert technicians.

CONSULTING & SOLUTIONS SERVICES TO ADAPT TO THE GDPR