CS Mar Apr 2022
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
compliance<br />
ORGANISATIONS LOSE AN AVERAGE<br />
OF $4 MILLION IN REVENUE, DUE TO<br />
A SINGLE NON-COMPLIANCE EVENT.<br />
(Saviynt.com - The True Cost of Non-<br />
Compliance - MJ Kaufmann - <strong>Apr</strong> 2021)<br />
WHAT SORT OF FINE COULD I FACE,<br />
IF I AM NOT COMPLYING WITH GDPR<br />
LAWS?<br />
The UK GDPR and DPA 2018 set a<br />
maximum fine of £17.5 million or 4%<br />
of annual global turnover, whichever is<br />
greater, for infringements while the EU<br />
GDPR sets a maximum fine of €20 million<br />
(about £18?million) or 4% of annual<br />
global turnover, whichever is greater,<br />
for infringements. (Legislation.gov.uk -<br />
Relevant provisions of the Act - See<br />
Sections 155 to 159, Part 6)<br />
HOW HAS COVID-19 CHANGED THE<br />
WAY THAT DATA IS MANAGED?<br />
With all the disruptions from Covid-19,<br />
businesses have had to quickly find new<br />
ways of working. For many companies<br />
around the world, remote working is<br />
the new normal. With remote working,<br />
businesses have had to figure out ways of<br />
having their workforce collaborate and<br />
work together, resulting in a significant<br />
spike in organisations adopting the usage<br />
of platforms like Microsoft Teams, Google<br />
Workplace, Atlassian tools (Confluence,<br />
Jira and Bitbucket), Alfresco, Slack…the<br />
list is forever growing.<br />
Collaboration is a truly wonderful thing,<br />
but with this rise in collaborative tools<br />
being adopted, key sensitive data is now<br />
stored in even more places, making it<br />
even harder for businesses to get a firm<br />
grasp of how data is being shared<br />
between their staff.<br />
Not only have IT teams had to adopt<br />
this new way of working, evaluate and<br />
implement new tools to keep businesses<br />
running, but they've also had to get<br />
their heads around the complexities of<br />
compliance regulations, which is no easy<br />
feat. To many business leaders, IT teams<br />
today are modern-day saints. The top<br />
three skills for compliance officers are:<br />
subject matter expertise, communication<br />
skills and anticipating future regulatory<br />
trends. With businesses only growing the<br />
number of solutions they use, surely<br />
staying on top of their data will become<br />
an unmanageable task?<br />
REGULATORS FINED BANKS $10<br />
BILLION IN A 15-MONTH PERIOD<br />
THROUGH 2019, WITH MOST OF<br />
THOSE FINES CAUSED BY CYBER-<br />
ATTACKS (60%) (Fenergo - Jan 24,<br />
2020)<br />
What if there was a solution that provided<br />
a report highlighting exactly what GDPRrelated<br />
data was being stored and where<br />
it was stored? What if that solution was<br />
able to scan not just one single instance<br />
of a collaborative tool, but the entire<br />
digital estate (CRMs, marketing tools,<br />
sharing platforms, endpoints, fileservers)<br />
and provide visibility into data stored<br />
EVERYWHERE? Would that make the<br />
unmanageable manageable? Having a<br />
rich understanding of stored compliancerelated<br />
data, across all tools and solutions<br />
used inside a business, is the only way of<br />
operating in line with ones regionalised<br />
compliance regulations.<br />
Stagnant budgets and a shifting<br />
workforce have left many compliance<br />
teams feeling stretched, with 87% of<br />
businesses reporting that they have<br />
no additional capacity, due to being<br />
understaffed or only adequately staffed.<br />
ENTER GEOLANG DATA DISCOVERY<br />
The GeoLang Data Discovery tool has<br />
been created to help organisations<br />
confidently operate within the compliance<br />
regulations they must follow by scanning<br />
their digital estate (endpoints, fileservers,<br />
Office 365, Google Workspace, Atlassian<br />
Jira/Confluence/Bitbucket [data centre and<br />
cloud] and Alfresco), providing a report<br />
(The Hero Report) that highlights the<br />
company risk profile, what sensitive data<br />
has been found, where sensitive data has<br />
been found, key risk areas, how current<br />
risks have been mitigated, mean time to<br />
resolution and the current risk exposure.<br />
In all, 44% of businesses say that their<br />
top compliance management challenges<br />
are handling compliance assessments,<br />
undergoing control testing, and implementing<br />
policy and process updates.<br />
(MetricStream State of Compliance Survey<br />
Report 2021)<br />
Generated at the touch of a button (or<br />
delivered automatically), the high-level<br />
Data Discovery Executive Summary<br />
('HERO Report') provides configurable<br />
and periodic reporting on risk assessment<br />
and risk mitigation, as a dynamic report,<br />
but also available in PDF or editable<br />
format for distribution to managers. Userfriendly<br />
dashboards are also available in<br />
one central location.<br />
Pre-defined and bespoke rule sets,<br />
including GDPR, PCI, or HIPAA, are<br />
supported, along with granular regular<br />
expressions, keyword lists and compound<br />
queries. GeoLang Data Discovery searches<br />
unstructured datasets stored in over 200<br />
formats across your digital estate and<br />
with the 'find files similar to' function,<br />
one can quickly build repositories from<br />
dispersed business data.<br />
To understand how GeoLang can help<br />
simplify the management of data<br />
compliance, help get your data ready for<br />
a cloud migration/digital transformation<br />
project or even ease how Digital Subject<br />
Access Requests (DSARs) are managed,<br />
you can check out the Geolang website<br />
at: www.geolang.com. Alternatively,<br />
contact the company by emailing:<br />
contact@geolang.com.<br />
www.computingsecurity.co.uk @<strong>CS</strong>MagAndAwards <strong>Mar</strong>/<strong>Apr</strong> <strong>2022</strong> computing security<br />
17