With less than two weeks to go until the GDPR deadline, Lynn Elwood, VP cloud & services solutions at OpenText commented below. Lynn highlights that data discovery is essential to build a foundation for GDPR-compliant data management.
Lynn Elwood, VP Cloud & Services Solutions at OpenText:
“Ask yourself this simple question: Do I know where all the personal data in my company resides? The answer for the vast majority of us will be a resounding ‘no’. Yet, that’s exactly what GDPR demands of you. Even medium-sized companies can easily be looking at terabytes or petabytes of information amassed over many years. They have data hiding in legacy systems, file shares and email systems. In many cases, the people who originally created the data have now left the organisation. Given this situation, it may not be so surprising that over 60% of security professionals say that they don’t know where their sensitive data is. This is no longer acceptable for GDPR.
GDPR requires that personal data is continually managed to ensure that you remain compliant at all times and that you can quickly respond to requests from individuals such as the right to have all their data removed. Data discovery should give you the ability to monitor, track and trace the personal data within your organisation to ensure that you have visibility of all activities taking place on that data. This will help to quickly identify the source of data breaches and enable you to comply with notification requirements should a breach occur. Whether you think that your organisation is in the position to comply fully or partially with GDPR, it’s essential that you are able to demonstrate ‘good faith’ endeavours in that direction. By conducting data discovery now, you’ll show that you’re taking GDPR seriously and have taken the first major step to compliance.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.