0 Days Remaining


GDPR is here! Are you ready?

The Challenge

Approved and adopted in January 2016, enforcement of the European Union (EU) General Data Protection Regulation (GDPR) comes into effect on 25 May 2018.

With just one year to go before enforcement of GDPR formally begins, it’s time to move beyond mere awareness and understanding of what it is, and start making decisions about how you’re going to address it.

—Derek E. Brink, CISSP, Vice President and Research Fellow, Information Security and IT GRC

Six Basic Strategies for Data Protection

Findings from the Aberdeen Group Report

When your organisation is finally technology-ready for GDPR, Aberdeen has found that even the most complex mix of technical security controls for data protection reflects just six basic strategies.

  • Do nothing
  • Manage access
  • Monitor and filter
  • Encrypt
  • Substitute
  • Apply controls

Do nothing

Do nothing

This may sound odd at first, but remember that not all data needs to be protected. This underlines the importance of identifying and classifying data as a foundational step in any data-protection plan.

Six Key Messages from Oracle

As you define your company’s strategies to achieve EU GDPR compliance, what should you be thinking about first?

  • An opportunity,
    not a threat
  • Personal data
  • Best practice
  • Security controls
  • Encryption
  • The countdown

An opportunity,
not a threat

An opportunity, not a threat.

  • The same security controls can be used to protect any sensitive data (not just personal data)

  • Built-in security inside and out saves time and money, and reduces risk

  • Security controls that form part of your GDPR compliance strategy should be seen as adding value to your business


Non-compliance with GDPR can result in heavy fines and increased regulatory actions. More importantly, however, significant breaches can damage an organisation’s brand, value and reputation. Protecting the brand requires an organisation that collects personal data to be able to demonstrate compliance consistently, and adhere reliably to the GDPR principles of privacy and security.

The path towards GDPR compliance involves a coordinated strategy that engages different organisational entities (including legal, human resources, marketing, security, IT and others). Organisations should therefore have a clear strategy and action plan to address the GDPR requirements with the 25 May 2018 deadline in mind.

Based on its experience and technological capabilities, Oracle is committed to providing customers with a strategy designed to achieve GDPR security compliance. To learn more about how Oracle can help, please contact your local sales representative and visit oracle.com/goto/gdpr.

Further Reading

Find out more about GDPR below.

Integrated Cloud Applications & Platform Services