source:Dall-EOvercoming the Complexities of Cloud Migration with Cohesive Networks' VNS3 Plugin System Transitioning...
5 ways VNS3 can help meet GDPR data privacy compliance
According to a study by KPMG of the boards of FTSE 350, few are prepared for the General Data Protection Regulation, or GDPR. Organisations are running out of time to get their IT systems and operations in order. Protecting and securing existing data is only half the battle, with the GDPR’s strong emphasis on security by design and data portability.
On May 25, 2018 the European Union’s new data protection and personal information laws will go into effect. The GDPR governs the privacy and security of personal data for practically every person and entity connected to the EU.
Don’t take the risk
Fines for non-compliance will be harsh. Companies that do not maintain information security best practices could be fined up to 4% of “total worldwide annual turnover of the preceding financial year.” If a US-based financial institution was found to have data on EU citizens, they could face a fine of 4% of total global revenues or up to 20 million Euros ( $22 million US).
VNS3 can help organisations meet data security measures for data privacy compliance. Even if your company is not located in the EU, your data might include information on a “data subject.” For organisations with large amounts of data and data that travels between networks the best options include adding encryption in-transit. Cloud providers offer excellent encryption for data at rest, but only some services and intra-region transfers have data-in-motion encryption. Any data traveling between cloud regions, traveling over the public internet, and between organisation locations should be encrypted.
What type of data is covered?
For GDPR compliance, personal data is defined as “any information relating to an identified or identifiable natural person ‘data subject’; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.”
Plus, there are 2 new data categories: genetic and biometric data.
“Genetic and biometric data” means anything that may reveal an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and data concerning health or sex life and sexual orientation. These 2 categories join existing sensitive and special personal data, such as home addresses, credit card details, and health care records.
VNS3 meets data security measures for your GDPR compliance by helping you:
- Encrypt data in transit
- Protect Personal Data
- Guard against Vulnerability
- Maintain Strong Access Control
- Enhance Data Portability
1. Encrypt data in transit
Use VNS3’s secure IPsec tunnels to connect to all data sources and applications. With end-to-end encryption that only you control your organisation can guarantee GDPR compliance for your customer’s data, even if you collect it in one region and process it in another. Section 83 of GDPR event states “…the controller or processor should evaluate the risks inherent in the processing and implement measures to mitigate those risks, such as encryption.” VSN3 offers a superior level of encryption, with AES 256-bit encryption.
2. Protect Personal Data
VNS3 lets you encrypt all data across networks, regions, and cloud providers. This way you can add protection in shared environments like public clouds, partner networks, and across regions. This part of the critical GDPR tenant of “data protection by design.” In Article 25 , organizations must design data protection into business processes to protect personal data. GDPR leaves it up to companies to decide what security measures are needed to match the risks of a data breach. Encryption is a proactive approach to data security and can save organisations heavy fines.
3. Guard against Vulnerability
Section 83 states all organisations should consider “the risks that are presented by personal data processing, such as accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.” Prevent unwanted access to your customers’ data with a VNS3 intrusion detection system (IDS). With VNS3, you can securely connect your network across multiple public and private clouds and use our plug-in system to add in monitoring for possible intrusions. By combining network functions, you can ensure data in motion security and privacy.
4. Maintain Strong Access Control
Control access to data and encryption keys with VNS3. Enforce security policies and multiple orthogonal layers for added security with VNS3. Not only does VNS3 provide layer 4-7 network security, but using the Docker container system allows you to create “in mesh” application plugins, including network intrusion detection (NIDS), proxy, and monitoring controls. Prepare with security, but plan for a data breach. Along with controls to detect any unwanted network access, your teams should also have a plan to control and shut down any malicious actors.
5. Enhance Data Portability
Data portability might seem unrelated to privacy interests, but it is another goal we’ve always championed at Cohesive Networks. Data portability will allow organisations to free themselves from any non-compliant vendors or partners, which could limit the risks for organisations just taking on GDPR compliance projects. The GDPR likely will only require data portability for data that were originally provided by the data subject (including as photos or documents stored in the cloud). Interoperable standards are encouraged, but not mandated by GDPR.
With a VNS3 overlay network over the top of any cloud or virtual network you can make your applications, and the data they use, more agile.
What is VNS3?
VNS3 is a software-only virtual machine that integrates with existing network equipment and can be delivered as part of the application deployment in most virtualized infrastructures.
With over 3,000 connected customers in more than 22 countries, VNS3 has provided more than 500 million devices hours of application networking for the cloud. VNS3 offers customers more dynamic network controls on top of cloud offerings, including multiple VLAN peering, end-to-end data in motion encryption, application layer firewall rules, multicast, and multi-region peering.
Get in touch with our sales team for BYOL versions for other large clouds, custom pricing, or for a POC.