Data-Centric Security – A Common Sense Approach to GDPR
The General Data Protection Regulation (GDPR) is about protecting people and their data privacy. As with any regulation, it sets expectation and establishes punitive damages to organizations that don’t comply, to the tune of 4% of their annual net revenue.
Any company, within or outside of the EU, must ensure it can fully protect the data of EU citizens. That includes being able to control exactly who can access and utilize the information and the ability to revoke access to the data upon the request of the citizen.
Data-Centric Security & GDPR
If your organization is based in the EU or transacts business with companies in the EU, you are likely required to comply with GDPR.
At its core, GDPR is about ensuring you can control and audit data wherever it travels. One straight forward approach is to attach data-centric security to any customer information that is stored on your own servers and that you share with third parties.