LOS ALTOS, Calif., Nov. 19, 2015 /PRNewswire/ -- Netskope, the leading cloud access security broker, today announced the availability of two services designed to help organizations comply with the upcoming European Union General Data Protection Regulation (GDPR): the Netskope Cloud Risk Assessment for the EU GDPR and the Netskope Cloud Compliance and Remediation Service for the EU GDPR.
The Netskope Cloud Risk Assessment for the EU GDPR will provide a one-time overview of all of the cloud apps in use across an organization's network, assess the enterprise-readiness and likely compliance of those apps with the pending regulation, offer specialized reports that map to the regulation's key principles, and provide policy recommendations to mitigate risk and bring the organization's cloud usage into compliance with the current draft of the regulation.
The Netskope Cloud Compliance and Remediation Service for the EU GDPR will help organizations build a compliance program and implement security policies and workflows for their enterprise information security teams to manage ongoing compliance with the regulation. The service is customized for each organization based on their existing workflows and technologies, with special consideration for the GDPR compliance requirements relating to cloud services.
In addition to these new services, Netskope today also announced a GDPR Readiness Kit, a collection of complimentary resources designed to help organizations achieve GDPR compliance. Those resources include an in-depth white paper detailing the pending legislation and organizations' responsibilities related to cloud app usage, a summary compliance checklist, a best practices webinar, and a series of local, in-person seminar workshops.
Set to be finalized in 2016 and enforced from 2017/18, the GDPR will require organizations to take measures to ensure the security and proper use of individuals' personal data. The legislation covers data stored or "processed" by any service – including cloud apps – and includes unstructured content containing personally identifiable information (PII).
One of the most significant compliance challenges that organizations face under the GDPR is that many personal data are processed in an unstructured way – for example by employees using hundreds of cloud-based file-sharing, productivity, collaboration, customer relationship management, human resources, and finance and accounting apps. Under the GDPR, it is always the organization's legal responsibility to protect such data, structured or unstructured, from loss, alteration or unauthorized processing. This applies even if workers use cloud services that are not pre-approved or controlled by the organization – so-called "shadow IT."
One type of measure that companies can take to move towards GDPR compliance is to gain control of interactions with the cloud. This is achieved by:
- Discovering and monitoring all cloud applications in use by employees;
- Knowing which personal data are processed by employees in the cloud;
- Securing data by enforcing policies that ensure that unmanaged cloud services are not being used to store and process personal information;
- Coaching users to adopt the services sanctioned by the IT department; and
- Using a cloud access security broker to assess the enterprise-readiness and adherence to the principles of GDPR of all cloud services and ensure that all data are protected when en route to or from, or at rest in, the cloud.
"In the day and age of cloud, BYOD and SaaS, there's arguably no bigger challenge than monitoring, tracking and controlling data within an organization," said Adrian Sanabria, analyst with 451 Research. "The GDPR is concerned with whether or not personal data belonging to EU citizens are misused and has some serious penalties and sanctions built into it. A breach of this sort of data will invoke this regulation regardless of whether the entire company was aware of personal EU data being stored, or only a single employee; whether the company is EU-based or not. Either way, the damage is done and the GDPR applies. Understanding what data exist and how they are being stored and handled is the new baseline for this and other new data regulations."
"The GDPR is a complex and wide-ranging piece of legislation that greatly increases organizations' responsibilities for data protection," said Sanjay Beri, CEO, Netskope. "It is obvious from the requirements on unstructured data alone that cloud app usage is a major threat to companies subject to the regulation. With very significant fines of up to 5% of a company's global turnover, organizations that fail to comply with the GDPR risk a disastrous impact on their reputation and bottom line.
"All organizations should be making preparations to comply now, and paying extremely close attention to how they use and protect their customers' personal data. It might seem a daunting challenge, but the sooner companies start making preparations, the more time they will have to demonstrate compliance. Our new services are designed to help them achieve that, and avoid a hugely damaging incident in the process."
- Download a copy of the Netskope white paper on Managing the Challenges of the Cloud Under the New EU General Data Protection Regulation
- For more information on the Netskope Cloud Risk Assessment for the GDPR, download this data sheet
- For more information on the EU GDPR Cloud Compliance Assessment and Remediation Service download this data sheet
- Register for the Netskope EU GDPR webinar
- Register your interest for upcoming regional in-person seminar workshops
Netskope™ is the leading cloud access security broker (CASB). Only the Netskope Active PlatformTM provides discovery, deep visibility, and granular control of sanctioned and unsanctioned cloud apps. With Netskope, IT can direct usage, protect sensitive data, and ensure compliance in real-time, on any device, including native apps on mobile devices and whether on-premises or remote, and with the broadest range of deployment options in the market. With Netskope, businesses can move fast, with confidence. Serving a broad customer base including leading healthcare, financial services, high technology, and retail enterprises, Netskope has been named to CIO Magazine's top 10 cloud security startups and featured in such business media as CBS News, Wall Street Journal, and Forbes. Netskope is headquartered in Los Altos, California. For more information, visit our website or follow us on Twitter.