ACHIEVE LONG-TERM GDPR COMPLIANCE

Get your data protection right with the help of cyber security solutions

GDPR

Navigating the new privacy landscape

What should organizations do before and after the May 2018 deadline to comply with the GDPR?

Our eBook describes the basic principles and concepts of the GDPR.

  • Key factors needed for proper GDPR preparation
  • Responsibilities that different organizational functions have in the compliance project
  • Role of effective cyber security in maintaining continuous GDPR compliance

The EU General Data Protection Regulation – in short, the GDPR – marks the biggest change in EU data privacy laws in more than 20 years, and it will have a transformative effect on the way companies manage and secure personal data.

The GDPR sets forth a complex regime of measures an organization must take to protect personal data, including the appointment of a data protection officer and the maintenance of detailed documentation to prove compliance. But the GDPR does not articulate a precise prescription for the technology that must be used to secure data.

Instead, GDPR takes a risk-based approach to requiring particular technical measures. Higher risk mandates more expense and effort to secure data. The overriding issue is whether data is at risk and which practices and technologies will effectively reduce those risks.

Related solutions

Key requirements for technical measures are set forth in GDPR Articles 5, 32, 33 and 34.
Here's a short summary of how F-Secure products help you protect the personal data you are collecting.

GDPR Article 5

Ensure security of personal data

Requires you to process personal data so that it stays protected against accidental loss, destruction or damage. Threats like malware and ransomware could cause loss or destruction of data. Increased use of mobile devices and weak passwords also have an impact on confidentiality and data loss.

Protection Service for Business

Protects Windows and Mac computers, iOS and Android smartphones, and a variety of server platforms. It comes with fully integrated patch management, mobile device management and a password manager.

GDPR Article 32

Have a process for regular assessments

Obliges you to perform evaluations of the security measures of data processing. Ensuring a regular process for assessing and fixing known vulnerabilities can be considered one of the basic functions in cyber security.

F-Secure Radar

Allows you to continuously assess your security level and map your attack surface. It also enables reporting, which allows you to demonstrate your compliance.

GDPR Articles 33 and 34

Notify within 72 hours of discovering a breach

Require companies to notify authorities and data subjects within 72 hours of identifying a breach. To be able to notify about the breach, one must be able to detect it as early as possible. The level of information that needs to be included in the notification is considerable. Failure to comply may result in considerable administrative fines.

F-Secure Rapid Detection & Response

Solutions detect advanced threats and targeted attacks swiftly and help respond to incidents efficiently. The solutions preserve the evidence of attacker activity and breach details in an off-site, secure storage.

Related resources

How to achieve compliance with the GDPR

F-Secure's Principal Security Consultant Antti Vähä-Sipilä discusses the measures companies need to undertake to achieve long-term GDPR compliance.

Beyond the GDPR

In our webinar, F-Secure CISO Erka Koivunen, Risk Management Consultant Laura Noukka and Principal Security Consultant Antti Vähä-Sipilä discuss what the GDPR proposes, and how it will impact organizations.