
Get your security controls ready for GDPR, to help you to achieve compliance


There is now less than a month to go before the EU General Data Protection Regulation goes live on the 25th of May 2018, and many of us are still busy preparing processes, procedures and technical security controls to ensure compliance with the new regulation.

In this NNIT Security Insights article, we take a quick look at some of the security controls that will help organizations comply with the EU GDPR.

A security control is a safeguard implemented to minimize security risks to, for example, electronic information stored in a system. For the EU GDPR, the following four security controls should be considered:


  • Data Protection: Ensures that data is protected against loss of Confidentiality, loss of Integrity or loss of Availability. This control covers a number of areas, such as access control, encryption, data backup, and system availability.

  • Access Control: Ensures that only authorized persons with a business need are able to access personal data.

  • Data Retention: Ensures that data is retained for as long as there is a legal basis for retaining it, and no longer.

  • Logging & Monitoring: Ensures that access to data is monitored and logged, which assists in demonstrating compliance, and also assists in the event that there is a data breach.

Where to start?

A good place to start is to carry out an assessment of your existing security controls for each of the controls listed above, which will enable any gaps to be identified.
Once the gaps have been identified, a roadmap of activities needed to close the gaps can be developed and implemented.

Do you have anything to add? Do you think anything is missing? Please let me know and share your comments!


About the Author

John Clayton is an IT Management Consultant and Cybersecurity Specialist with more than 20 years’ experience in IT and Management Consulting, and with roles bridging Business and IT.


About NNIT Security Insights

NNIT Security Insights is a regular column where prominent NNIT IT security advisors share their thoughts on current and future IT security challenges and how to deal with them.

NNIT has its own Cyber Defense Center. If lightning strikes, we have the necessary competencies in-house to respond and assist. We have also developed a range of services that can help businesses to achieve the right level of security protection to protect the business from financial and reputational damage.

You are welcome to contact us at itmanagement@nnit.com if you want to know more about how NNIT can help your business increase its information security level.


 

 
