GDPR and the Need for a Smart Approach to Service Assurance
June 28, 2018

Michael Segal
NetScout

Share this

Following the introduction of the EU General Data Protection Regulation, or GDPR, on May 25 this year, organizations across the globe with customers and suppliers in the European Union have been working to ensure they are compliant, and bringing the subject of data projection to the front of everyone's mind.

It's little surprise that network security and information assurance are key to complying with the GDPR; the regulation includes a requirement for measures to be put in place that will mitigate the risk associated with assuring the availability and integrity of an organization's information in the event of an attack or outage, for example.

Article 32 is concerned with confidentiality, integrity, availability and resilience of processing systems and data, and with the speed at which availability and access to personal data can be restored in the event of downtime resulting for a breach or network outage. Of course, as the information protected by the GDPR and other similar regulations constantly traverses the network, it's important to assure its availability, reliability and responsiveness. Indeed, not only is this important for regulatory compliance, it should be high on the list of priorities for any business.

Given the size and complexity of today's IT networks, however, it can be almost impossible to detect just when and where a security breach or network failure might occur. It's critical, therefore, that businesses have complete visibility over their IT networks, and any applications and services that run on those networks, in order to protect their customers' information, assure uninterrupted service delivery and, of course, comply with the GDPR.

Insight and Intelligence

The volume of data being produced has exploded in recent years and this is only set to continue, with analysts predicting a tenfold increase within the next decade, 60 percent of which will be generated by enterprises.

Much of this will comprise what the GDPR, and other regulations such as PCI-DSS and HIPAA, define as personal data: the personal email addresses, phone numbers, IP addresses and credit card information that may be collected and recorded by a business. For compliance purposes, it's important that networking teams are able to understand how this data traverses their organization's networks, the paths it will take and where it will be stored.

Keeping track of this information requires full visibility across the entire network, including data centers, applications and the cloud. To comply with regulatory requirements around the processing of data, as well as for service and security assurance, businesses should consider a smart approach to the way they handle data. Such an approach would involve monitoring all "wire data" information, that is every action and transaction that traverses an organization's service delivery infrastructure, and continuously analyzing it and compressing it into metadata at its source. This "smart data" is normalized, organized, and structured in a service and security contextual fashion in real time. The inherent intelligence of the metadata enables analytics tools to clearly understand application performance, infrastructure complexities, service dependencies and, importantly for GDPR compliance, any threats or anomalies.

Essentially, continuous monitoring of this wire data means that businesses can have access to contextualized data that will provide them with the real-time, actionable insights they need for assurance of effective, resilient and secure infrastructure, crucial for complying with the GDPR, not to mention for much of modern business activity.

More at Stake than Ever

The recent implementation of the GDPR means that any organization that processes the personal data of UK citizens, regardless of where in the world that organization is located, is now within the scope of the law. Much has been written over the past year on the eye-watering financial penalties that could be imposed on any company found to be neglectful in fulfilling its duty to protect the privacy of that data. The privacy and protection of personal data have always been considerations for a business, but with the prospect of facing fines of up to €20 million or four percent of annual turnover, there is more at stake for businesses than ever before.

With robust protection in place, and with visibility, insight and intelligence delivering assurance of complete network availability, businesses across the world breathe a little easier that the reliability of their networks, and of the applications that run on those networks, meet the requirements of the GDPR.

Michael Segal is VP of Strategy at NetScout
Share this

The Latest

October 14, 2021

Businesses are embracing artificial intelligence (AI) technologies to improve network performance and security, according to a new State of AIOps Study, conducted by ZK Research and Masergy ...

October 13, 2021

What may have appeared to be a stopgap solution in the spring of 2020 is now clearly our new workplace reality: It's impossible to walk back so many of the developments in workflow we've seen since then. The question is no longer when we'll all get back to the office, but how the companies that are lagging in their technological ability to facilitate remote work can catch up ...

October 12, 2021

The pandemic accelerated organizations' journey to the cloud to enable agile, on-demand, flexible access to resources, helping them align with a digital business's dynamic needs. We heard from many of our customers at the start of lockdown last year, saying they had to shift to a remote work environment, seemingly overnight, and this effort was heavily cloud-reliant. However, blindly forging ahead can backfire ...

October 07, 2021

SmartBear recently released the results of its 2021 State of Software Quality | Testing survey. I doubt you'll be surprised to hear that a "lack of time" was reported as the number one challenge to doing more testing, especially as release frequencies continue to increase. However, it was disheartening to see that a lack of time was also the number one response when we asked people to identify the biggest blocker to professional development ...

October 06, 2021

The role of the CIO is evolving with an increased focus on unlocking customer connections through service innovation, according to the 2021 Global CIO Survey. The study reveals the shift in the role of the CIO with the majority of CIO respondents stating innovation, operational efficiency, and customer experience as their top priorities ...

October 05, 2021

The perception of IT support has dramatically improved thanks to the successful response of service desks to the pandemic, lockdowns and working from home, according to new research from the Service Desk Institute (SDI), sponsored by Sunrise Software ...

October 04, 2021

Is your company trying to use artificial intelligence (AI) for business purposes like sales and marketing, finance or customer experience? If not, why not? If so, has it struggled to start AI projects and get them to work effectively? ...

September 30, 2021

As remote work persists, and organizations take advantage of hire-from-anywhere models — in addition to facing other challenges like extreme weather events — companies across industries are continuing to re-evaluate the effectiveness of their tech stack. Today's increasingly distributed workforce has put a much greater emphasis on network availability across more endpoints as well as increased the bandwidth required for voice and video. For many, this has posed the question of whether to switch to a new network monitoring system ...

September 29, 2021

When a website or app fails or falters, the standard operating procedure is to assemble a sizable team to quickly "divide and conquer" to find a solution. The details of the problem can usually be found somewhere among millions of log events and metrics, leading to slow and painstaking searches that can take hours and often involve handoffs between experts in different areas of the software. The immediate goal in these situations is not to be comprehensive, but rather to troubleshoot until you find a solution that remedies the symptom, even if the underlying root cause is not addressed ...

September 28, 2021

Evaluating which products and vendors can meet today's modern and complex IT business requirements is a challenge. To help, I'd like to explore 10 key questions every IT admin should be asking when evaluating or working with network performance tools ...