Increased documentation and data classification requirements mean that you need to know where personal data is, who’s accessing it, and making sure only the right people have access to it
Identify where personal data is located (SharePoint, Cloud, etc.) to meet data accountability
Monitor and audit data access and permission changes. Record all data
Delete global accesses
and overexposed data. Make sure PII is kept on a need to know basis.
Apply a least privilege access model, ensuring personal data by
design and by default.
Limit data retention: establish data retention procedures so data is not stored longer than needed
Bytes Security Partnerships and Data Classification and Control Partner Varonis Systems help uncover security issues quickly and give context around metadata and what’s actually happening on your file and email servers, SharePoint, and Active Directory.
Breach notification requirements place a new burden on data controllers - reporting with context. Under GDPR, the mantra should be “always monitoring”. You’ll need to spot unusual patterns against files containing personal data, and promptly report exposure to the local authority.
Varonis’ innovative user behaviour analytics with privileged account detection analyse and detect suspicious activity – helping you detect potential security breaches, misconfigurations, and other issues and thus easing compliance with the new regulations.
Want to know more about GDPR and Data Classification? Call us on 0845 075 0560 or email us at firstname.lastname@example.org