GDPR Compliance Guide

Recovery and investigation capabilities for endpoints.

Business Challenge
right arrow icon

Endpoints are data stores

While legal and compliance teams plan for meeting General Data Protection Regulation (GDPR) requirements, IT and security teams are tasked with determining what data stores contain personal or sensitive data and whether or not they have disaster recovery and breach notification capacities for each data store.

One data store that proves difficult to manage for GDPR compliance is the data residing on employees laptops and desktops. Data on endpoints can be a black hole for IT and security teams who have very limited visibility into the contents of employee files, making investigation and response to data exfiltration involving the endpoint complex and imprecise.

Business Impact
right arrow icon

Stolen endpoint data could result in GDPR penalties

Fines costing $20 Million EUR or 4 percent of annual revenue are not just reserved for the most commonly discussed privacy provisions: the right to erasure and the right to portability. Any critical violation of GDPR can incur the same draconian fines. Failing to consider endpoints as a data store could create big risks for organizations doing business in the European Union (EU).

Organizations may have considered the need for disaster recovery and breach notification within 72 hours as the regulations affect customer relationship management (CRM) and point of sale systems. However, planning for endpoint data visibility is also essential for GDPR compliance. What constitutes a serious incident depends on the context of the data.

GDPR: Are You Ready?

Make sure your organization is prepared. Download the white paper, “The Path to Rapid GDPR Compliance.”

Best Line of Defense
right arrow icon

See file content and movement

Know when to report endpoint data leaks to GDPR supervisory authorities, and how to recover fast.

Data protection and visibility are essential pieces of an organization’s 72-hour breach response and compliance strategies—and these capabilities need to extend to endpoint devices. Code42 helps you investigate leaks and breaches in four ways:

  1. See user behavior in context: Identify trends in user behavior so you can pinpoint abnormal file movement.
  2. Assess high-risk data movement: See exactly where data is moving, and intervene early to prevent or minimize damage.
  3. Regain control of corporate IP: Secure your most valuable data assets to avoid both accidental and intentional data leaks.
  4. Remediate fast: Restore lost or stolen data so your business can get back to work right where it left off.
Code42 Difference
right arrow icon

Spot risk sooner and respond as threats happen

Screenshot of Code42 product to help meet GDPR requirements.

Code42 reduces your time to respond from weeks to hours—by tracking data movement and monitoring the contents of end users’ files, you can pinpoint your exposure.

  • Monitor cloud storage activity: See when files are transferred to personal cloud storage applications like Box, OneDrive, Google Drive, and Dropbox.
  • Identify Removable Media: Know exactly which files are transferred to removable media devices such as USBs, external hard drives, or secure digital (SD) cards and get their serial numbers.
  • View an audit trail of activity: Drill down into the details of high-risk movement with the context you need to take next steps: see file name, path and MD5 hash, when files were taken, and through which exact vector.
  • Add context to exfiltration alerts: Network monitors can tell you something bad happened, Code42 tells you what user files were involved.

Interested in other security compliance use cases for Code42? Check out the Code42 Security Tools Overview.

Have more questions?

We are here to help.