The big rulings are still missing from the European General Data Protection Regulation. There were many reports, but only 75 fines were imposed across Europe. The frequently threatened highest penalty of 4 percent of global annual turnover was never applied. Does this mean that most companies did their homework and were able to minimise or completely avoid data breaches? Not at all. Many requirements are still not being implemented by numerous companies in various member states – and when they do implement these, it’s often a half-hearted effort. According to the regulation, however, personal data needs to be protected and managed better than before. Companies therefore still have a lot of work ahead of them to avoid coming into conflict with European law. Companies should primarily focus on implementing the following recommendations:

 

  • Technical and organisational measures must be implemented under consideration of the data protection and IT security risks. This is the only way to credibly verify that personal data is being processed in compliance with the GDPR.
     
  • Systems with personal data must be protected accordingly with regard to data protection and the current state of technologies.
     
  • Declarations of consent must be collected and managed centrally and upstream.
     
  • Companies that process personal data must protect these against unauthorised access.

 

Suitable investments in strong IT security solutions which support compliance with the European regulation are urgently required. Verifying and authorising identities centrally is thus the best way forward, even if these are managed in a decentralised manner. Guidelines can thus be enforced centrally and records can be managed more easily for audits. This also applies to access to personal data and access to web services which are protected via a central platform with strong upstream authentication. All access guidelines can thus be managed and enforced centrally and protected in line with the GDPR.

Learn more about IT security solutions from Airlock.

Airlock Secure Access Hub

By Thomas Kohl, Senior Business Development Germany at Airlock, a security innovation from Ergon Informatik AG

Blognews directly to your inbox

The Airlock Newsletter informs you continuously about new blog articles.

Subscribe blognews

Comments 0

More interesting articles

The advantages of an intelligent, upstream security solution
2FA

The advantages of an intelligent, upstream security solution

5 security challenges in an open banking ecosystem
Banking

5 security challenges in an open banking ecosystem

Cyber Security Study
SAH

Cyber Security Study

Information for you

-Our whitepaper-

IT-security solutions

Digitalisation is presenting businesses with new challenges which go far beyond information technology. This primarily relates to an aspect which is becoming increasingly important: IT security.

Read our whitepaper to find out how IT-Security will become the pioneer of degitalization.

Request free of charge

Accelerate digitisation

To stay technically viable in this digital transformation, you must increasingly switch to hybrid cloud environments. This requires new security approaches as well as coordinated identity and access management.

Find out more in our whitepaper in collaboration with Deloitte, eperi and SHE.

Request free of charge

OWASP Top 10 for API Security

OWASP has created a new Top10 list for API Security. The top 10 listed reflect a broad consensus on what the most important API security issues are at the moment.

In our whitepaper you will learn how our Airlock API addresses the OWASP Top 10.

Request free of charge