Preparing for GDPR? We're here to help you get ready.
At its core, the GDPR is about trust. It is about companies handling the personal data of their customers, partners and employees with care and respect
GDPR goes into effect May 25, 2018.
The General Data Protection Regulation (GDPR) calls for companies to take greater care in protecting and respecting the personal data of customers, partners and employees. And ShareFile is already the trusted partner to thousands of these businesses around the world—helping them secure files and data in the cloud. That puts us in a unique position to support your GDPR compliance programs. The security and control built into ShareFile, provide a solid foundation for meeting the extensive mandates of GDPR.
What is GDPR and why it matters
The regulation, which was enacted by the E.U. Parliament in 2016, aims to provide a high and consistent level of data protection to all E.U. residents. But it can also have a big impact on U.S. businesses. The law applies to both “controllers” and “processors” of data—in other words, any organization within the E.U. and any organization that stores, handles, or processes personal data of E.U. residents in any way.
Did you know
Businesses that don't comply face heavy fines of up to 20 million euros or 4% of their global annual revenue, whichever is greater. For many, this prospect is becoming more real by the day. A recent survey found that:
- While 67% of respondents are aware of GDPR, only about half have allocated budget and started to prepare for these new regulations.
- 74% of respondents say complying with the GDPR will have a significant and negative impact on their organizations.
Want to learn more about how ShareFile can help with GDPR readiness?
How ShareFile keeps your business GDPR compliant
Article 25: Data Protection by design and by default
- Personal data can be identified through ShareFile Data Loss Prevention (DLP) integration, leveraging the customer’s existing DLP solution. Personal data access can be restricted with sharing policies.
- Access to personal data is further protected by authentication including 2-step verification and SAML integration, password policies, mobile security, and network security capabilities.
Article 25: Records of processing activities
- ShareFile supports a subset of the requirements through our DLP integration where DLP scanned files with Personal Data are being audited and tracked. This includes upload, download and access activities related to Personal Data.
Article 32: Security of processing
- All data within ShareFile including Personal Data are encrypted at rest. ShareFile also supports customer managed encryption keys through Key Management Services.
- Data can also be protected through Information Rights Management (IRM) to enable encryption of data further.
Technical and organizational Measures, Access Restrictions
- ShareFile supports any data sovereignty requirements through the availability of our EU control plane.
- To support the transfer of personal data to a third country or international organization, Information Rights Management (IRM) can be used to provide the safeguards.
How Citrix can help your enterprise with GDPR readiness
Citrix solutions provide a foundation of confidentiality, integrity and availability across all types of on-premises, hybrid cloud and public cloud IT environments. Four key design principles make our solutions ideally suited to aid GDPR readiness:
- Apps are centralized in the data center or cloud so that enterprise data is not stored on devices.
- When sensitive data must be distributed, mobilized or utilized offline, it’s protected in a secured container.
- Context-aware policies based on user identity, device, location, and network connection give IT granular access control.
- Visibility and user behavior analytics detect potential threats to proactively remediate and mitigate risk.