The right approach to information security is important to comply with GDPR guidance. It requires a major revision of companies’ security strategy and tactics.
The reform imposes strict rules on those hosting and ‘processing’ data, anywhere in the world. The regulation presents some challenges to the accepted ways of managing data and makes clear the responsibilities of both the controllers of any data (whether corporate or individual) and the processors of any data.
Covenco Recovery Services helps firms with the information security measures necessary for GDPR compliance via:
Gap assessment against the GDPR standards for information security and incident response practices, to produce a roadmap to compliance
Understanding what data you have is essential to adequately protect your data! Using forensic tools, configuration reviews, interviews and process observations, our Information Security Consultant will develop a data inventory to accurately document all of the data repositories within your organisation. This will allow you to remove any duplicate repositories, understand vulnerabilities and potential threats to your data, define data owners, understand protection requirements then define and implement controls to protect what is required.
Monitoring services to support the information security and incident response aspects of GDPR
The GDPR mandates that adequate controls are implemented to protect your data assets. We will provide a holistic review of your security controls to identify vulnerabilities and weaknesses. This assessment will cover policies, data classification, process, people management and technical controls. The delivery from this activity will provide a clear, defined strategy to manage privacy risks. We will help you to prioritise your risks to build a roadmap and assist in all aspects of remediation and compliance with the GDPR.