GDPR and the Need for a Smart Approach to Service Assurance
June 28, 2018

Michael Segal
NetScout

Share this

Following the introduction of the EU General Data Protection Regulation, or GDPR, on May 25 this year, organizations across the globe with customers and suppliers in the European Union have been working to ensure they are compliant, and bringing the subject of data projection to the front of everyone's mind.

It's little surprise that network security and information assurance are key to complying with the GDPR; the regulation includes a requirement for measures to be put in place that will mitigate the risk associated with assuring the availability and integrity of an organization's information in the event of an attack or outage, for example.

Article 32 is concerned with confidentiality, integrity, availability and resilience of processing systems and data, and with the speed at which availability and access to personal data can be restored in the event of downtime resulting for a breach or network outage. Of course, as the information protected by the GDPR and other similar regulations constantly traverses the network, it's important to assure its availability, reliability and responsiveness. Indeed, not only is this important for regulatory compliance, it should be high on the list of priorities for any business.

Given the size and complexity of today's IT networks, however, it can be almost impossible to detect just when and where a security breach or network failure might occur. It's critical, therefore, that businesses have complete visibility over their IT networks, and any applications and services that run on those networks, in order to protect their customers' information, assure uninterrupted service delivery and, of course, comply with the GDPR.

Insight and Intelligence

The volume of data being produced has exploded in recent years and this is only set to continue, with analysts predicting a tenfold increase within the next decade, 60 percent of which will be generated by enterprises.

Much of this will comprise what the GDPR, and other regulations such as PCI-DSS and HIPAA, define as personal data: the personal email addresses, phone numbers, IP addresses and credit card information that may be collected and recorded by a business. For compliance purposes, it's important that networking teams are able to understand how this data traverses their organization's networks, the paths it will take and where it will be stored.

Keeping track of this information requires full visibility across the entire network, including data centers, applications and the cloud. To comply with regulatory requirements around the processing of data, as well as for service and security assurance, businesses should consider a smart approach to the way they handle data. Such an approach would involve monitoring all "wire data" information, that is every action and transaction that traverses an organization's service delivery infrastructure, and continuously analyzing it and compressing it into metadata at its source. This "smart data" is normalized, organized, and structured in a service and security contextual fashion in real time. The inherent intelligence of the metadata enables analytics tools to clearly understand application performance, infrastructure complexities, service dependencies and, importantly for GDPR compliance, any threats or anomalies.

Essentially, continuous monitoring of this wire data means that businesses can have access to contextualized data that will provide them with the real-time, actionable insights they need for assurance of effective, resilient and secure infrastructure, crucial for complying with the GDPR, not to mention for much of modern business activity.

More at Stake than Ever

The recent implementation of the GDPR means that any organization that processes the personal data of UK citizens, regardless of where in the world that organization is located, is now within the scope of the law. Much has been written over the past year on the eye-watering financial penalties that could be imposed on any company found to be neglectful in fulfilling its duty to protect the privacy of that data. The privacy and protection of personal data have always been considerations for a business, but with the prospect of facing fines of up to €20 million or four percent of annual turnover, there is more at stake for businesses than ever before.

With robust protection in place, and with visibility, insight and intelligence delivering assurance of complete network availability, businesses across the world breathe a little easier that the reliability of their networks, and of the applications that run on those networks, meet the requirements of the GDPR.

Michael Segal is VP of Strategy at NetScout
Share this

The Latest

September 21, 2018

The performance gap between customer experience leaders and runners-up is widening, with those on top being disproportionately rewarded. Gartner said organizations must ignore three myths in order to achieve a superior customer experience ...

September 19, 2018

This summer marked three years since Microsoft announced Windows 10, its first "Windows as a service" Operating System (OS). Windows 10 brought with it a new Software-as-a-Service-like approach to updates, moving Microsoft and the millions of environments that depend on it, more frequent, bundled updates. Whether you believe the shift was for better or worse, one thing is certain, this "as a service" model is a natural progression for today's operating systems. That is why Windows 10 is changing not only how frequently updates are pushed out, but inherently how technology is purchased, how people consume it, and perhaps most importantly, how IT is run. Let's take a look at how Windows 10 has impacted these three key areas over the past three years ...

September 18, 2018

To celebrate IT Professionals Day 2018 (this year on September 18), the SolarWinds IT Pro Day 2018: A World Powered by Tech Pros survey explores a "Tech PROactive" world where technology professionals have the time, resources, and ability to use their technology prowess to do absolutely anything ...

September 17, 2018

Are digital war rooms obsolete because they're just a place for managers of siloed business units to find someone else to blame for a critical IT event such as a security breach? Far from it. Enterprises find these emergency response teams just as important, if not more important, than ever ...

September 14, 2018

The goal of EMA's latest research was to look at how advanced IT analytics (AIA) — EMA's term for primarily what today is best known as "AIOps" — is being deployed. Here are the remaining four of my seven personal takeaways ...

September 13, 2018

OK, the data is in! The goal of EMA's latest research was to look at how advanced IT analytics (AIA) — or EMA's term for primarily what today is best known as "AIOps" — is being deployed. Here are seven of my own personal takeaways ...

September 12, 2018

By maximizing the knowledge of end-to-end quality of service (QoS) using virtualized network functions (VNFs), the SD-WAN (edge) gateway establishes a suitable connection with minimal latency and maximum performance so that entire organizations can make the most of the Office 365 application suite ...

September 11, 2018

Market exuberance for Office 365 has inspired business mandates to adopt the cloud-hosted collaboration and productivity suite without regards to the underlying chaos. While multi-location organizations are virtualizing, operating models haven’t necessarily changed. This partial transformation that excludes automation and simplification of the network puts Office 365 deployments (and other software-as-a-service offerings) in danger of failing ...

September 10, 2018

Most organizations are undergoing a digital transformation that directly impacts how they do business, yet 70 percent of employees have not mastered the skills they need for their jobs today, and 80 percent of employees do not have the skills needed for their current and future roles, according to Gartner ...

September 06, 2018

In a survey within the VMware User Group community, Blue Medora took a closer look at how various metric collection strategies and access to Dimensional Data impacts IT success. We started with one question: How important is your monitoring integration strategy? ...