A little over a year has passed since the introduction of the GDPR, the general EU regulation on data protection, and businesses are still adjusting to the law. In Italy, GDPR is only applied by 23% of businesses. Fortinet, on this anniversary, analyzes what the company's data security goals should be and offers some suggestions on how to attain them.
GDPR: data security is also a favorable chance according to Fortinet The new data protection laws are not only a harmful job, they are also an opportunity to review the processes of companies and give order to procedures. The GDPR obviously describes what private information are, and this helps businesses identify the information they need to act on, while the earlier definition leaves space for doubt.
Companies have often lost true control over how the information was processed in the hurry to digitize everything. The GDPR imposes a fresh rigor that can assist businesses in revising policies and renewing and reorganizing their infrastructure. This involves the security aspect as well.
There are three basic information objectives: protect information wherever it is: information must always be protected in today's multi-cloud environment globe. Therefore it is necessary to keep track of this information and to use protection policies which cover the entire infrastructure with a consistent segmentation and always in a position to guarantee the same protection (and in this the cloud service providers must also adapt); to prevent data loss: the regulations require data to be protected at all times and in any case, even from loss of the same. That is why it is essential to introduce systems that avoid the loss of information (DLP, Data Loss Protection), apply them online or integrate them at the cloud API level; centrally handle legislative enforcement measures: the legislation needs that the entire infrastructure be covered, regardless of its type or allocation. Therefore it is essential to have a consistent implementation of the policies everywhere and this involves a centralized leadership solution as manually correlating the information hazards will lose the pulse of the scenario and even incur severe penalties.
Fortinet offers some tips on how best to protect data: use time-specific protection and threat detection instruments, acquire real-time information on threats, monitor accesses and evaluate user conduct to intervene proactively, integrate with the infrastructure and thus respond uniformly to attacks; use intentional network segmentation to isolate intruders and restrict t