1 / 16

Enhancing Network Security for GDPR Compliance: 12 Best Practices

Discover essential steps to create a GDPR-aware network with technical and organizational measures. From data classification to disaster recovery, implement these best practices to secure your network and protect sensitive data.

swillis
Download Presentation

Enhancing Network Security for GDPR Compliance: 12 Best Practices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 12 STEPS TO A GDPR AWARE NETWORK Technical and Organisational Measures Best Practises Neil Douglas Technical Director and GDPR Data Protection Officer at Network ROI

  2. STEP 1: DATA CLASSIFICATION • Definition and classification of data into public, restricted, confidential • Every document should be marked with the appropriate classification

  3. STEP 2: CONFIGURATION CHANGE MANAGEMENT • Ensuring a change on the network doesn’t have adverse consequences for security • Ensuring changes are planned and outcomes are predictable

  4. STEP 3: ADMINISTRATOR CONTROLS AND SEPARATION OF DUTIES • Removing local admin rights from users • Use a separate administrator account for admin level tasks

  5. STEP 4. REMOTE ACCESS • Secure your remote access via VPN or 2 Factor Authentication • Ensuring you have a mobile working policy • Use mobile device management software to secure mobile devices

  6. STEP 5. SECURE SYSTEM CONFIGURATION • Change all default usernames & passwords on new devices • Close all unused ports on Firewalls • Disable all unused services and applications on servers and network hardware • Ensure admin level access is restricted

  7. STEP 6. VULNERABILITY MANAGEMENT • Enable automatic software updates where possible • Retire out-of-date network hardware, applications and Operating Systems • Detect and fix security vulnerabilities on a regular basis

  8. STEP 7. ACCESS CONTROL • Don’t use shared accounts • Immediately disable old accounts when people leave the company • Minimise administrative accounts • Review password age and password policies

  9. STEP 8. NETWORK-BASED SEGMENTATION • Separate core network functions such as the main business network, public Wi-Fi, development, Telephony and CCTV • Document the network and its boundaries

  10. STEP 9. ENCRYPTION • Encrypt all personal and sensitive data wherever it is stored - such as servers, laptops, external hard drives, tablets, mobiles and USB keys. • Ensure all data in transit is encrypted (i.e. via SSL)

  11. STEP 10. DATA LOSS PREVENTION • Preventing personal data leaving the network via unauthorised means such as shadow IT • Monitors data movement on the network

  12. STEP 11. USER ACTIVITY / INSIDER THREAT MONITORING • We’re not interested to know how long Kevin has been on Facebook or Twitter - that’s an HR issue! • Detects suspicious logins / failed logins • Detects other behavioural factors from within the company network

  13. STEP 12. DISASTER RECOVERY • Make sure you have a robust backup and Disaster Recovery solution in place • Make sure it is tested regularly • Learn from the DR test and hone the process

  14. STEP 13: YOUR PEOPLE • YOU are the weakest link in your network. • Implement a robust cyber security user awareness program – IASME or ISO 27001 • Train users in secure practices • Turn the weakness into your greatest strength • Consider simulated attacks to benchmark user awareness

  15. THANKS FOR YOUR TIME • If you have any questions about any of the topics covered today, please come and talk to us.

More Related