The Race to Readiness
4 steps to getting ahead start on GDPR data security
The European Union’s (EU) new privacy & security mandate — the General Data Protection Regulation (GDPR) goes into effect on May 25, 2018. That means every enterprise in the U.K. has less than one year to cross the compliance finish line.
The countdown is on. Give yourself a running start with this 4-step game plan
Why? Because GDPR Article 25 says you must have Data Protection by design and by default. With two-factor authentication, you use two markers to validate the users’ identity—including location, network, time of day, session ID, device, or even biometric factors such as fingerprints and retinal scans. 84% of organizations say the inability to secure access rights is putting them at risk1. 63% of security breaches involve weak or stolen credentials according to a study by Verizon.
Go with an enterprise-grade solution that provides native data encryption and encryption key management options. That way, you’re free to allow secure remote access to virtual applications and desktops for employees and third parties—all without ever putting data at risk.
This is a big deal for BYOD. You get the containerization of all data and apps that are on mobile devices. Plus, you can deploy remote wipe when a device is lost or stolen. And any user-owned content is kept separate and unaffected. If GDPR is your highest hurdle, you’re not alone. Nearly two-thirds — 69% — of organizations say GDPR compliance is a top concern. What’s more, less than half, 49%, believe their current security infrastructure positions them for compliance1.
A tested and proven Data Loss Prevention (DLP) and Information Rights Management provider will help you cover a lot of ground. DLP enables stronger content-aware sharing restrictions, while IRM lets you control file access and permissions even after a protected file is downloaded.
Why all the GDPR jitters?
Failure to comply can set you way back.Fines are as much as 100 million euros, or 2 to 4% of annual worldwide revenues, whichever is greater1.
If you use this strategy, the journey to GDRP finish line can feel more like a sprint instead of a marathon.
of security breaches
involve weak or stolen credentials according to a study by Verizon2.
say the inability to secure access rights is putting them at risk1.
are aware of GDPR1.
say their organizations have allocated budget and started to prepare for these new regulations1.
Additional ways Citrix helps businesses with privacy compliance
EU-US Privacy Shield Certification
Citrix participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. Citrix has committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable principles.
Citrix ShareFile supports the Data Processing Addendum (DPA) incorporating EU approved Model Clauses (also known as standard contractual clauses). These clauses were authored by the European Commission.
TRUSTArc (Previously TRUSTe)
The privacy practices of Citrix ShareFile have been assessed by TRUSTe for compliance with Enterprise Privacy Certification.