GDPR and the Need for a Smart Approach to Service Assurance
June 28, 2018

Michael Segal
NetScout

Share this

Following the introduction of the EU General Data Protection Regulation, or GDPR, on May 25 this year, organizations across the globe with customers and suppliers in the European Union have been working to ensure they are compliant, and bringing the subject of data projection to the front of everyone's mind.

It's little surprise that network security and information assurance are key to complying with the GDPR; the regulation includes a requirement for measures to be put in place that will mitigate the risk associated with assuring the availability and integrity of an organization's information in the event of an attack or outage, for example.

Article 32 is concerned with confidentiality, integrity, availability and resilience of processing systems and data, and with the speed at which availability and access to personal data can be restored in the event of downtime resulting for a breach or network outage. Of course, as the information protected by the GDPR and other similar regulations constantly traverses the network, it's important to assure its availability, reliability and responsiveness. Indeed, not only is this important for regulatory compliance, it should be high on the list of priorities for any business.

Given the size and complexity of today's IT networks, however, it can be almost impossible to detect just when and where a security breach or network failure might occur. It's critical, therefore, that businesses have complete visibility over their IT networks, and any applications and services that run on those networks, in order to protect their customers' information, assure uninterrupted service delivery and, of course, comply with the GDPR.

Insight and Intelligence

The volume of data being produced has exploded in recent years and this is only set to continue, with analysts predicting a tenfold increase within the next decade, 60 percent of which will be generated by enterprises.

Much of this will comprise what the GDPR, and other regulations such as PCI-DSS and HIPAA, define as personal data: the personal email addresses, phone numbers, IP addresses and credit card information that may be collected and recorded by a business. For compliance purposes, it's important that networking teams are able to understand how this data traverses their organization's networks, the paths it will take and where it will be stored.

Keeping track of this information requires full visibility across the entire network, including data centers, applications and the cloud. To comply with regulatory requirements around the processing of data, as well as for service and security assurance, businesses should consider a smart approach to the way they handle data. Such an approach would involve monitoring all "wire data" information, that is every action and transaction that traverses an organization's service delivery infrastructure, and continuously analyzing it and compressing it into metadata at its source. This "smart data" is normalized, organized, and structured in a service and security contextual fashion in real time. The inherent intelligence of the metadata enables analytics tools to clearly understand application performance, infrastructure complexities, service dependencies and, importantly for GDPR compliance, any threats or anomalies.

Essentially, continuous monitoring of this wire data means that businesses can have access to contextualized data that will provide them with the real-time, actionable insights they need for assurance of effective, resilient and secure infrastructure, crucial for complying with the GDPR, not to mention for much of modern business activity.

More at Stake than Ever

The recent implementation of the GDPR means that any organization that processes the personal data of UK citizens, regardless of where in the world that organization is located, is now within the scope of the law. Much has been written over the past year on the eye-watering financial penalties that could be imposed on any company found to be neglectful in fulfilling its duty to protect the privacy of that data. The privacy and protection of personal data have always been considerations for a business, but with the prospect of facing fines of up to €20 million or four percent of annual turnover, there is more at stake for businesses than ever before.

With robust protection in place, and with visibility, insight and intelligence delivering assurance of complete network availability, businesses across the world breathe a little easier that the reliability of their networks, and of the applications that run on those networks, meet the requirements of the GDPR.

Michael Segal is VP of Strategy at NetScout
Share this

The Latest

July 09, 2020

Enterprises that halted their cloud migration journey during the current global pandemic are two and a half times more likely than those that continued their move to the cloud to have experienced IT outages that negatively impacted their SLAs, according to Virtana's latest survey report The Current State of Hybrid Cloud and IT ...

July 08, 2020

Every business has the responsibility to do their part against climate change by reducing their carbon footprint while increasing sustainability and efficiency. Harnessing optimization of IT infrastructure is one method companies can use to reduce carbon footprint, improve sustainability and increase business efficiency, while also keeping costs down ...

July 07, 2020

While the adoption of continuous integration (CI) is on the rise, software engineering teams are unable to take a zero-tolerance approach to software failures, costing enterprise organizations billions annually, according to a quantitative study conducted by Undo and a Cambridge Judge Business School MBA project ...

June 25, 2020

I've had the opportunity to work with a number of organizations embarking on their AIOps journey. I always advise them to start by evaluating their needs and the possibilities AIOps can bring to them through five different levels of AIOps maturity. This is a strategic approach that allows enterprises to achieve complete automation for long-term success ...

June 24, 2020

Sumo Logic recently commissioned an independent market research study to understand the industry momentum behind continuous intelligence — and the necessity for digital organizations to embrace a cloud-native, real-time continuous intelligence platform to support the speed and agility of business for faster decision-making, optimizing security, driving new innovation and delivering world-class customer experiences. Some of the key findings include ...

June 23, 2020

When it comes to viruses, it's typically those of the computer/digital variety that IT is concerned about. But with the ongoing pandemic, IT operations teams are on the hook to maintain business functions in the midst of rapid and massive change. One of the biggest challenges for businesses is the shift to remote work at scale. Ensuring that they can continue to provide products and services — and satisfy their customers — against this backdrop is challenging for many ...

June 22, 2020

Teams tasked with developing and delivering software are under pressure to balance the business imperative for speed with high customer expectations for quality. In the course of trying to achieve this balance, engineering organizations rely on a variety of tools, techniques and processes. The 2020 State of Software Quality report provides a snapshot of the key challenges organizations encounter when it comes to delivering quality software at speed, as well as how they are approaching these hurdles. This blog introduces its key findings ...

June 18, 2020

For IT teams, run-the-business, commodity areas such as employee help desks, device support and communication platforms are regularly placed in the crosshairs for cost takeout, but these areas are also highly visible to employees. Organizations can improve employee satisfaction and business performance by building unified functions that are measured by employee experience rather than price. This approach will ultimately fund transformation, as well as increase productivity and innovation ...

June 17, 2020

In the agile DevOps framework, there is a vital piece missing; something that previous approaches to application development did well, but has since fallen by the wayside. That is, the post-delivery portion of the toolchain. Without continuous cloud optimization, the CI/CD toolchain still produces massive inefficiencies and overspend ...

June 16, 2020

The COVID-19 pandemic has exponentially accelerated digital transformation projects. To better understand where IT professionals are turning for help, we analyzed the online behaviors of IT decision-makers. Our research found an increase in demand for resources related to APM, microservices and dependence on cloud services ...