The threat to data is real. According to our 2017 Global Data Threat Report, 68 percent of respondents have experienced a breach in the past, with 26 percent experiencing a breach in the last year. Both of these numbers rose from last year.
In some cases, governments are putting measures in place to help limit the damage caused by cyberattacks. In the EU, the General Data Protection Regulation (GDPR) looms just over the horizon. Intended to improve personal data protections, restrict the international flow of private data and increase accountability for data breaches, it is perhaps the most comprehensive data privacy standard to date. As my colleague and our CEO Alan Kessler noted in a previous blog, Australia has also taken steps to strengthen its data protection regulations with the Privacy Amendment, a bill focused on data breach disclosures.
Taking Responsibility Means Taking Action
Nevertheless, regulatory bodies have limited control over data held by non-governmental organizations. Ultimately, the onus is on organizations handling sensitive data – such as personally identifiable information (PII) or public health information (PHI) – to protect that data wherever it is created, shared or stored. The pressures businesses continue to experience is one of the reasons why we’ve collaborated with Rackspace on its latest cybersecurity offering, the Rackspace Privacy and Data Protection (PDP).
Designed to protect sensitive data in a customer’s environment, the PDP also helps companies meet strict compliance requirements around securing data at rest. One of the ways the PDP accomplishes this is by utilizing the Vormetric Transparent Data Encryption platform by Thales.
The security and compliance benefits of PDP are numerous. They include:
- Risk Assessments: Customers work with Rackspace to document what specific types of data they have, how sensitive that data is, where it is stored, and what or who needs to access the data
- Enhanced Data Protection: Deploys technology platforms to restrict access to approved company personnel and processes, while generating detailed information about unauthorized access by users, applications and systems to sensitive data
- Detailed Compliance Reporting: Delivers detailed monthly reporting to provide customers with a comprehensive view of their data usage and how its protection status
With PDP, businesses get a fully managed data protection service, including data classification, data access policies, encryption and activity reporting. It’s thorough, comprehensive and hands-on because this type of approach is necessary – especially for the many organizations using cloud, big data, IoT and Docker technologies to store critical customer data. It also gives them time back to do what they do best: run their businesses.
Have questions, or curious about our security solutions? Leave a comment below, or feel free to tweet me @CJRad.