The European Union General Data Protection Regulation (GDPR) privacy protection principles and obligations, covered by the previous blogs, may have far-reaching consequences.
As a first step to becoming GDPR-ready, companies need visibility into what is on the network. They need to know which devices are connected to the network, who is using these devices, the access rights they have, when they are connected and which data they are allowed to access. Organizations need proof that mechanisms on these devices to secure private data, such as encryption agents, are operational.
Visibility in this case is not limited to corporate-managed devices but also includes a plethora of different bring your own device (BYOD) and Internet of Things (IoT) endpoints as well as other devices that may be used in an organization’s conduct of business.
Given the huge proliferation of devices, organizations need a different approach, as the traditional agent-based security solutions do not provide a complete solution. Instead, organizations need to work in an agentless manner to see and manage all these different devices.
Recommended Steps for IT Security Personnel
- Based on the information collected on the device and user, IT personnel can take control measures to help ensure devices, applications and users are working in accordance with both GDPR and the company’s security policies.
- To help ensure that the organization maintains security of processing—and, more importantly, minimizes the risk caused by accidental or unlawful destruction, loss and/or unauthorized access to personal data—network segmentation is essential. Network segmentation is not new, but it has become harder to deploy in many cases, resulting in organizations choosing ease of use over security.
- Applying the appropriate controls in a manual way is a losing proposition. It is too costly and does not provide the necessary guarantees. Companies need automated policies to enforce their security operational processes—and, via automatically generated reports, demonstrate compliance to the security authority.
- Identifying a security breach in today’s world can be a complex activity, potentially involving many security solutions. Orchestration—the sharing of information between different security appliances—allows you to share disparate information across these solutions, which is key to quickly identifying a security breach.
For more information on how Forescout can help you reduce blind spots on your network, read the Solution Brief.