The challenges, opportunities and required steps for GDPR compliance, as seen by experts in mobile device security
Tuesday, 08 May, certSIGN brought together giants of the IT-Security-Tech, Gemalto and Samsung industry in a debate with practical applications on how to align companies with GDPR requirements and about the products and services that certSIGN has developed to protect data personal. The experts of the three companies discussed the challenges and opportunities of the Regulation and the rules that companies have to respect for compliance.
Gemalto presented the main causes for the fraudulent loss of or access to personal data, focusing on organizations' preference to focus on perimeter and communications protection, ignoring the actual protection of data. Internal studies warn that 70% of security breaches are due to weak passwords. Encrypting data, secure access to information with strong authentication methods (two-factor authentication) contribute to better protection along with security policies and procedures.
Samsung highlights the key factor in personal data protection - mobile devices. Specifically, compliance with GDPR can not be achieved if information on mobile devices is not protected.
certSIGN reminds us that GDPR is not new to those who are already processing personal data. Much of the data protection and data protection requirements also existed in law 677/2001. By implementing the Regulation, companies and state institutions will demonstrate that they process customer data in good faith:
"Before making any decision about their data, companies must honestly answer the question of why data should be processed in that way. This will lead to accurate data processing and protection", says Adrian Floarea, general manager of certSIGN.
The long awaited moment included the practical demonstration in which several applications developed by certSIGN for security of communications and data privacy protection were presented, which support the creation of a unitary security policy in an organization. They aim to provide a unitary level of protection, regardless of where data is accessed: computer, laptop or mobile device.
certSIGN contributes to the development of the IT security market and comes with its own data encryption solutions across all working environments: computer, laptop, mobile devices. At the same time, through the ReCRED project (www.recred.eu), it invests in research - by developing secure authentication methods, in line with the GDPR requirements for access control and anonymization of user data.