
GDPR is here! Are you ready?
The Challenge
Approved and adopted in January 2016, enforcement of the European Union (EU) General Data Protection Regulation (GDPR) comes into effect on 25 May 2018.
With just one year to go before enforcement of GDPR formally begins, it’s time to move beyond mere awareness and understanding of what it is, and start making decisions about how you’re going to address it.
—Derek E. Brink, CISSP, Vice President and Research Fellow, Information Security and IT GRC- Do nothing
- Manage access
- Monitor and filter
- Encrypt
-
Substitute
non-data - Apply controls
Do nothing
Do nothing
This may sound odd at first, but remember that not all data needs to be protected. This underlines the importance of identifying and classifying data as a foundational step in any data-protection plan.
-
An opportunity,
not a threat -
Personal data
discovery - Best practice
- Security controls
- Encryption
- The countdown
An opportunity,
not a threat
An opportunity, not a threat.
The same security controls can be used to protect any sensitive data (not just personal data)
Built-in security inside and out saves time and money, and reduces risk
Security controls that form part of your GDPR compliance strategy should be seen as adding value to your business
Conclusion
Non-compliance with GDPR can result in heavy fines and increased regulatory actions. More importantly, however, significant breaches can damage an organisation’s brand, value and reputation. Protecting the brand requires an organisation that collects personal data to be able to demonstrate compliance consistently, and adhere reliably to the GDPR principles of privacy and security.
The path towards GDPR compliance involves a coordinated strategy that engages different organisational entities (including legal, human resources, marketing, security, IT and others). Organisations should therefore have a clear strategy and action plan to address the GDPR requirements with the 25 May 2018 deadline in mind.
Based on its experience and technological capabilities, Oracle is committed to providing customers with a strategy designed to achieve GDPR security compliance. To learn more about how Oracle can help, please contact your local sales representative and visit oracle.com/goto/gdpr.