
Get your security controls ready for GDPR, to help you to achieve compliance


There is now less than a month to go before the EU General Data Protection Regulation goes live on the 25th of May 2018, and many of us are still busy preparing processes, procedures and technical security controls to ensure compliance with the new regulation.

In this NNIT Security Insights article, we take a quick look at some of the security controls that will help organizations comply with the EU GDPR.

A security control is a safeguard implemented to minimize security risks to, for example, electronic information stored in a system. For EU GDPR, the following four security controls should be considered:


  • Data Protection: Ensures that data is protected against loss of Confidentiality, loss of Integrity or loss of Availability. This control covers a number of areas, such as access control, encryption, data backup, and system availability.

  • Access Control: Ensures that only authorized persons with a business need are able to access personal data.

  • Data Retention: Ensures that data is retained only for as long as there is a legal basis for retaining it, and no longer.

  • Logging & Monitoring: Ensures that access to data is monitored and logged, which helps to demonstrate compliance and also assists in the event of a data breach.

Where to start?

A good place to start is to carry out an assessment of your existing security controls for each of the controls listed above, which will enable any gaps to be identified.
Once the gaps have been identified, a roadmap of activities needed to close the gaps can be developed and implemented.

Do you have anything to add? Do you think anything is missing? Please let me know and share your comments!


About the Author

John Clayton is an IT Management Consultant and Cybersecurity Specialist with more than 20 years’ experience in IT and Management Consulting, and with roles bridging Business and IT.


About NNIT Security Insights

NNIT Security Insights is a regular column where prominent NNIT IT security advisors share their thoughts on current and future IT security challenges and how to deal with them.

NNIT has its own Cyber Defense Center. If lightning strikes, we have the necessary competencies in-house to respond and assist. We have also developed a range of services that can help businesses to achieve the right level of security protection to protect the business from financial and reputational damage.

You are welcome to contact us at itmanagement@nnit.com if you want to know more about how NNIT can help your business increase its information security level.



 

 
