![\"\"](\"\/wp-content\/uploads\/2018\/06\/nathan-dumlao-505054-unsplash.jpg\")
<\/p>\nFor years, nations have used their very special agencies\u00a0(NSA, DGSE, KGB, etc.) to obtain a maximum of information on their enemies or their friends (we never know…).<\/p>\n
If we pay attention to companies and their war to become more succesful, we can notice information is essential for them to: have information on competitors, on customers or even on themselves! And this information is data.<\/p>\n
Companies have always wanted to protect their critical data (manufacturing secrets…), but digital evolution makes complex IT environments (Cloud, BYOD…). Companies’ data is now more than ever exposed to cyberattacks. If data theft or loss don’t show the same risks, their consequences can be really damaging.<\/p>\n
Citizens and companies all have, information to protect. This includes personal data. In France in 1978, this data was taken into account and protected by\u00a0the French Data Protection and Freedom of Information Law (Loi Informatique et Libert\u00e9). Forty years later (notice the reactivity!), Europe took the problem head on by strengthening personal data protection with the General Data Protection Reglementation (GDPR) the 25th of may 2018.<\/p>\n
A\u00a0strengthening which is not without risks for professionals who don’t want to take care of it. Fines, which can reach up to 4% of the worldwide company turnover, are here to persuade companies to play the game. The goal of this new dynamic is to inverse the power balance between customers and companies, whose access, modifications, portability and delete rights of the companies Information System, are now more strict.<\/p>\n
In practice, GDPR brings such change into companies that some seem lost when looking at what needs to be done. To be able respond to the GDPR’s new requirements is not an easy task for companies which aren’t data management specialists.<\/p>\n
<\/p>\n
There are data management solutions responding to some technical and legal GDPR requirements. Here we’ll talk about the Bastion solution.<\/p>\n
A Bastion is comparable to an airlock where users and targeted servers meet. Through this airlock we can track in real (or deferred) time who does what, when, where and how. The goal is to detect and prevent potential attacks thanks to an intuitive and dynamic web interface (at least for Wallix, the technology I am using).<\/p>\n
As required by GDPR, answer traceability needs and security breach with a Bastion:<\/span><\/strong><\/p>\n <\/p>\n Thanks to the information\u00a0control offered by a Bastion, it is now possible to set up a security policy that meets traceability needs through users\u00a0control and authentication on servers, as well as the protection needs\u00a0by preventing risks of security breaches.<\/p>\n Beyond the Bastion, information control also requires a better knowledge of both personal and professional data content.<\/p>\n","protected":false},"excerpt":{"rendered":" Information doesn’t have A price For years, nations have used their very special agencies\u00a0(NSA, DGSE, KGB, etc.) to obtain a maximum of information on their enemies or their friends (we never know…). If we pay attention…<\/p>\n","protected":false},"author":27,"featured_media":5170,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[173,174,175,176,177],"class_list":["post-5240","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data-management-en","tag-bastion-en","tag-cyber-securite-en","tag-cyberattaque-en","tag-gdpr-en","tag-rgpd-en"],"yoast_head":"\n\n