Security Roundup: GDPR Data Discovery, Mobile Data Loss, SplunkSecurity Roundup: GDPR Data Discovery, Mobile Data Loss, Splunk

Edward Gately

Any U.S. organization that handles data belonging to EU citizens now has about three months to comply with the EU’s General Data Protection Regulation (GDPR).

A big part of the process is data discovery, or locating all relevant data potentially dating back decades. A Social Security number and date of birth are just two types of data associated with an individual; there are tens if not hundreds that need to be located and recorded.

It’s nearly impossible to carry out all of the steps to reach GDPR compliance without a clear understanding of where personal data is located throughout an enterprise’s systems. And noncompliance can trigger penalties totaling 4 percent of revenues, or a maximum of $22 million.

ASG Technologies’ Rob Perry

To find out more about data discovery, Channel Partners spoke with Nick Porter, founder and technical director of Silwood Technology, a U.K.-based company that develops data-discovery software, and Rob Perry, vice president of product marketing at ASG Technologies, a Silwood partner and provider of information access, management and control.

Perry said it’s definitely crunch time for organizations impacted by GDPR.

“Estimates are that 80 percent of companies won’t be fully compliant by the deadline,” he said. “It would be nice … if they were all ready to go, but it’s not happening. In the United States in particular, we’re seeing a real uptick in the activity, particularly around discovery. The first step – aside from understanding GDPR and how that is going to affect you – when you look at your data, clearly the first step is discovery. You’ve got to find what data you have out there, and in a big organization it’s everywhere.”

Partners can help organizations by recommending the best technologies that will allow them to account for all of their data and rapidly reach compliance, and then helping them make the best use of those technologies, Porter said. A company that doesn’t have a grip on GDPR by now will need “all the tools they can get to reach compliance at this time scale,” he said.

One mistake companies are making in data discovery is focusing on more modern systems, Perry said.

Silwood Technology’s Nick Porter

“Many of these companies have data that they’ve been collecting for decades,” he said. “They need to really reach back and consider, ‘What do we have?’ and get rid of it if [they’re] not using it anymore. Part of this is data minimization, and not having data that, one, you don’t have the right to use; and two, you’re not doing anything with and it’s a risk having around. It’s really looking back through your deeper systems from the past and seeing what’s there.”

There are certain types of data that are exempt from the GDPR compliance process, Porter said.

“Part of the regulation is that the data needs to be accessible,” he said. “If you think about paper-based systems, if it’s a room full of pieces of paper … and nobody knows and there’s no index to tell you what’s on that paper, it might well be …

… personal data, but you are allowed to say that’s inaccessible. That’s probably also true for electronic systems as well, and if it’s no longer relevant to the business, you could destroy the data.”

There are organizations that think they can handle data discovery manually, but “you really can’t because you’re going to end up with so many bodies working on it,” Perry said.

“And if you automate, you can identify changes that may affect your compliance,” he said. “Automation helps make it happen and make it more cost-effective, and keeps you apprised of changes in the data structure that may affect your compliance and allow you to act accordingly.”

Another mistake organizations make is not taking GDPR seriously at the C-level and not sponsoring a multidisciplinary team to implement a sustainable compliance program, Porter said.

And once the daunting process of data discovery and GDPR compliance are complete, the process isn’t over, Perry said.

“You don’t become compliant and say, ‘Oh, great, we’re done,” you have to keep doing it over time,” he said. “You have to keep active with it and keep your processes in place. One of the advantages we found is that when you really do understand your data and understand your processes, you should take that into an enterprise data-governance view and more broadly think about how you manage and control data across the organization. You can apply best practices and really improve your overall data management with the catalyst of GDPR compliance as the driver for it.”

Cybersecurity Survey: IT Professionals Expecting the Worst

Most senior-level IT professionals believe their organizations will experience a catastrophic data breach that could greatly impact shareholder value, according to a new survey of 1,100 senior-level IT and IT security global practitioners commissioned by Raytheon in partnership with Ponemon Institute. It also shows that despite growing threats, IT professionals believe cybersecurity is still not considered a strategic priority among senior leadership.

“Our hope is that CISOs and senior leaders can use this report as a tool to start a deep dialogue about the critical need for cybersecurity within their organizations,” said Thomas Kennedy, Raytheon’s chairman and CEO. “Every day the cyberthreat is growing more sophisticated and aggressive, posing a real threat to global businesses across all sectors. To reduce risks, leaders must urgently work with their IT teams to identify potential vulnerabilities, develop an action plan and make the investments needed to protect the value of their organization.”

Some 82 percent of respondents predict their workplace will suffer a catastrophic data breach in the next three years as a result of unsecured Internet of Things (IoT) devices, while 66 percent say such an attack would seriously diminish shareholder value.

Also, 67 percent believe cyber extortion, such as ransomware and data breaches, will increase in frequency and payout, and 60 percent predict …

… nation-state attacks against government and commercial organizations will worsen and could potentially lead to a cyber war.

Protecting Mobile Devices from Data Failure

Mobile phones, laptops, tablets and other devices continue to become more intelligent and versatile in a world where connectivity is a must and BOYD has become a business norm.

Half of hard drives die within five years, meaning data inside mobile devices can be over-operated, therefore resulting in accidentally deleting or losing important information.

David Zimmerman, CEO of LC Technology, tells Channel Partners that from a physical perspective, keeping your mobile device secure from data failure really means keeping your phone safe.

“As far as the actual data is concerned, considering phones are typically ‘always on,’ there’s no reason data needs to be a concern if you are utilizing the tools your provider gives you access to, so your phone is continually backing up,” he said. “If you’re using an Android phone, Google has a number of tools you can use, like Google Drive and Google Cloud — the same goes for Apple and iCloud. Both can be used to constantly sync data in the event your phone becomes damaged. The same goes for a MicroSD card that is in your phone.”

Zimmerman suggests using the free tools and offline storage that are provided by your carrier or device manufacturer. Also, take the time to explore the options you have with your phone.

“Use care in inserting and ejecting any removable storage, like a MicroSD card,” he said. “Accidentally trying to put it in backwards could cause you to bend or crack the card. Plug your phone in at home and have your phone set to sync up with your computer and backup your files locally at home as well.”

Splunk Unveils Investigation Workbench

The latest version of Splunk Enterprise Security (ES) introduces Investigation Workbench, aimed at streamlining investigations and accelerating incident response.

The new tool helps analysts focus on investigating incidents and potential mitigation by eliminating the need to switch to other dashboards and panels to get details on an incident, Splunk said.

Girish Bhat, Splunk’s director of security product marketing, tells Channel Partners that Investigation Workbench allows MSSP and managed detection and response (MDR) partners to help their customers respond faster, starting by quickly identifying the scope of the incident, determining its root cause and taking specific actions.

“Technology partners can immediately integrate domain-specific data into existing environments to provide detailed insight to accelerate incident response,” he said. “Customers are eager for better ways to reduce time to detect, investigate, contain and remediate. Splunk ES v5.0 with Investigation Workbench reduces the dwell time and equips partners with the resources to simplify investigations as well as accelerate the response and remedial activities.”