Russell McDermottSales EngineerRussell.Mcdermott@netwrix.com+44 (0) 203 588 3023 x 2208

What the GDPR is and how to deal with it

How to Ask Questions

Type your question here

Click “Send”

Agenda

What the GDPR is

Top 5 things you should know about it

Who should worry and why?

Steps to prepare

Demonstration

Q&A

Useful Resources

Prize Drawing

What the GDPR Is

The EU General Data Protection Regulation (GDPR) replaces the Data

Protection Directive 95/46/EC and was designed to harmonize data privacy

laws across Europe, to protect and empower all EU citizens data privacy and

to reshape the way organizations across the region approach data privacy.

http://www.eugdpr.org

TIME UNTIL GDPR ENFORCEMENT

525 DAYS

Top 5 Things You Should Know About It

1) The GDPR is a regulation, NOT a directive

2) Fines for non-compliance are tremendous

3) Disclosure of intensions is required

4) The need for explicit agreement

5) The right to be forgotten

GDPR Glossary

o Data Controller

o Data Processor

o Data Protection Officer

o Directive

o Personal Data Breach

o Processing

o Regulation

o …

www.eugdpr.org/glossary-of-terms.html

Who Should Worry?

All companies processing the personal data of data subjects residing in the EU,

regardless of the company’s location

Why Worry?

Fines for non-compliance are enormous and depend on the infraction.

4% of annual global turnover or €20 M for the most serious breaches

2% or €10 M for smaller infringements

What ‘Consent’ Means

If it’s NOT CLEAR, it’s NOT CONSENT!

Consent is a positive indication of agreement

Consent must be clear and distinguishable

Provided in an intelligible and easily accessible form

Consent of parent required when dealing with children

Consent should be recorded

Data Subject Rights

Breach Notification

Right to Access

Right to be Forgotten

Data Portability

Privacy by Design

Data Protection Officers

Required for public authorities

Must be appointed on the basis of professional qualities

May be a staff member or an external service provider

Must report directly to the highest level of management

Must not carry out any other tasks

Steps to Prepare

Information Commissioner’s Office (ICO) will assist businesses to prepare

1. Make sure the key people are aware

2. Organize an information audit

3. Update your version of Privacy notes

4. Make sure you can cover individuals’ rights

5. Plan how you will handle access requests

6. Document the legal basis for processing personal data

Information Commissioner’s Office, [Preparing for the GDPR, 14/03/2016], licensed under the Open Government Licence

Steps to prepare

7. Acquire explicit consent

8. Get parents’ consent

9. Ensure procedures to handle data breaches

10. Work out how to implement PIA

11. Hire Data Protection Officers if required

12. Determine your data protection supervisory authority

Information Commissioner’s Office, [Preparing for the GDPR, 14/03/2016], licensed under the Open Government Licence

About Netwrix Auditor

Netwrix Auditor

A visibility and governance platform that enables control over

changes, configurations, and access in hybrid cloud IT environments by

providing security analytics to detect anomalies in user behavior and

investigate threat pattern before a data breach occurs.

Netwrix Auditor Benefits

Relieves IT departments of manual

crawling through weeks of log data

to get the information about who

changed what, when and where

and who has access to what.

Detect Data Security Threats – On Premises

and in the Cloud

Pass Compliance Audits with Less Effort and

Expense

Increase the Productivity of Security and Operations Teams

Bridges the visibility gap by

delivering security analytics about

critical changes, state of

configurations and data access in

hybrid cloud IT environments and

enables investigation of suspicious

user behavior.

Provides the evidence required to

prove that your organization’s IT

security program adheres to PCI

DSS, HIPAA, HITECH, SOX,

FISMA/NIST800-53, COBIT, ISO/IEC

27001 and other standards.

Netwrix Auditor Applications

Active Directory Exchange

Office 365 Windows File Servers EMC

NetApp

Windows Server VMwareSQL Server

SharePoint

Azure AD

Oracle Database

How Netwrix Auditor Helps with the GDPR

Demonstration Netwrix Auditor

About Netwrix Corporation

Year of foundation: 2006

Headquarters location: Irvine, California

Global customer base: over 8,000

Recognition: Among the fastest growing

software companies in the US with 105

industry awards from Redmond

Magazine, SC Magazine, Windows IT Pro

and others

Customer support: global 24/5 support

with 97% customer satisfaction

Netwrix Customers

Financial

State, Local Government/Education

Technology/Internet/Retail/Food/Other

Heavy Industry/Engineering/Manufacturing/Transportation

Awards

All awards: www.netwrix.com/awards

Summary

No way to avoid the broad-reaching changes

The main goal is providing unified rules on data protection

Netwrix Auditor will help you maintain the GDPR compliance

The best time to start is now

Read more about the GDPR netwrix.com/GDPR_Compliance.html

Free Trial: setup in your own test environment:

On-premises: netwrix.com/freetrial

Virtual: netwrix.com/go/appliance

Cloud: netwrix.com/go/cloud

Test Drive: virtual POC, try in a Netwrix-hosted test lab netwrix.com/testdrive

Live Demo: product tour with Netwrix expert netwrix.com/livedemo

Contact Sales to obtain more information netwrix.com/contactsales

Webinars: join our upcoming webinars and watch the recorded sessions

netwrix.com/webinars

netwrix.com/webinars#featured

Next Steps

Thank You!

Prize Drawing

Get Your Quadrocopter!

Haven’t won this time? Sign up for upcoming sessions: https://www.netwrix.com/webinars.html