2016 was a bad year for data security: Worldwide the year saw almost 1.4 billion data records lost or stolen, up 86% from 2015.

In Europe alone, there were 161 major reported incidents, accounting for the theft or loss of 183.4 million records, and these only account for breaches that were reported. Source: Gemalto Breach Level Index Report 2016.

Thankfully, the “wild west” days of data in the UK Europe are numbered. The General Data Protection Regulation (GDPR) comes into force on 25th May 2018. The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of GDPR.

This means all companies inside or outside the EU wanting to offer their products and services to clients located in Europe or the UK will need to be able to comply.

Are you ready for it? Below is some information on the GDPR, and what you can do to make sure you comply and avoid the possible consequences for data breaches.

What is it?

The General Data Protection Regulation (GDPR) will apply in the UK and Europe from 25 May 2018. The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.

What does it apply to?

The GDPR applies to data processing carried out by organisations operating within the EU. It also applies to organisations outside the EU that offer goods or services to individuals in the EU.

The GDPR applies to all ‘personal data’.

• HR records
• Customer records
• Bank details
• Website logins
• Email addresses
• Purchase history
• Even anonymous or pseudonymous data
• An online identifier – eg an IP address can even be regarded as personal data under the GDPR

Basically, it relates to any data relating to people, in any form.

Who does it apply to?

The GDPR applies to ‘controllers’ and ‘processors’.

• Controller – Says how and why personal data is processed – the company data officer.
• Processor – Acts on the controller’s behalf, i.e. anyone else who has access to, and uses the data (even if it is anonymised).

If you are currently subject to the Data Protection Act 1998 (DPA), it is likely that you will also be subject to the GDPR.

What are your responsibilities?

• You must prove compliance.

 “You must implement appropriate technical and organisational measures that ensure and demonstrate that you comply.”

– The Observer Platform from Viavi gives you full visibility of your network, allowing you to easily measure and prove compliance.

• If you are large enough, you must record all data processing activity.

“If your organisation has more than 250 employees, you must maintain additional internal records of your processing activities.”

– Viavi Observer Gigastor captures all of your data, all of the time, providing end-to-end visibility and allowing you to record all of your processing activities.

• You must notify of breaches.

“A notifiable breach has to be reported to the relevant supervisory authority within 72 hours of the organisation becoming aware of it.“

You must have systems in place to investigate breaches, without them, how long will it take to:

• Recover the data that was involved?
• Find out when and where the breach happened?
• Prove who was responsible?

– Viavi Observer Gigastor allows you to quickly pinpoint where and when a breach happened.

If a breach happens:

• The responsibility now rests in the boardroom.
• The potential fines are up to 20 million Euros or 4% of global turnover in the most severe cases.

– Viavi Observer Gigastor gives you full visibility of your network and could help you prove that the breach wasn’t your fault.

Adding Value

Viavi doesn’t just help you comply to the GDPR, it allows you to add value. The undisputed leader in back-in-time analysis, Observer GigaStor eliminates the time-consuming task of recreating problems for troubleshooting, or for investigating possible security threats. Just hit rewind to go back in time and review past network activity. Navigate to the exact moment of the service anomaly to see detailed, packet-level views before, during, and after the occurrence.

Eliminate unnecessary finger pointing between IT teams with fast and accurate root cause identification. Speed resolution of any application, network, or UC issue, while using the security forensics capabilities of GigaStor to serve as the final arbiter on whether a breach has occurred and what resources have been compromised.

GigaStor and the Observer Platform family of products are ideally suited for satisfying business goals and overcoming challenges across the entire IT enterprise lifecycle whether deploying new technologies, managing current resources, solving service anomalies, or optimising IT asset usage.

Examples include:

Deploy

• Fine-Tuning of Deployments: Track critical KPIs that indicate user experience by highlighting the before/after relationship to resource settings goals

Solve

• Access and Performance: Detect anomalies using dashboards and workflows so the right team can be deployed
• Attack Remediation: Using packet-level detail, forensically reconstruct incident to identify who did what, when, and where

Call us for a Free Consultation

If you would like to know more about the GDPR and how Viavi and Sol can help you comply, or you would like any more information on any of our products and services, please contact us by clicking the button below, or ring us on +44 (0) 1691 680 830.

Want more information?

If you would like more information on this news story, or any of our products and services, please contact us by clicking the button below, or ring us on +44(0)1691 680 830.

Follow us on Social Media: