Dec 212017

As I have been recently engaging with clients discussing protection of Personal Data related to the GDPR and other privacy regulation compliance, I have come to understand that many organizations do not have a full insight into who is accessing their data. There is a big challenge with ensuring that databases and data stores are creating the correct audit trail across the IT landscape, and that the audit trail is stored in a sufficiently secure manner and periodically reviewed for unauthorized or unexpected access.

To be ready for the GDPR, Data Controllers and Processors needs to have a clear and reliable insight into who is accessing Personal Data. This will enable them to discover potential breaches before they cause real damage.

During a pre-study where I was engaged to look at ISO 27001 requirements in order for a client to get ready for GDPR, we concluded that a Data-Centric Audit and Protection Solution would be a good way of ensuring that an audit trail is created when users access Personal Data in both databases and files.

A Data-Centric Audit and Protection Solution can

  • assist in finding and classifying data to protect
  • assess the security of the database where the data is stored
  • assist in minimizing who is authorized to access the data
  • create audit trail of who is accessing data and store it separated from the system that is monitored
  • identify unwanted and abnormal access using automated advanced analytics
  • block future access if misuse is discovered to ensure that the data is safe
  • help data owners getting insights into who is accessing the data and assists in the upholding of compliance

Unlike native database logging, Data-Centric Audit and Protection Solutions has a low impact on database and application performance as creation of audit trails are offloaded to external appliances. This can lower the cost of running database servers and improve the user experience for your business users.

In addition, Data-Centric Audit and Protection can track the application end user which is accessing data through enterprise applications.

Get in touch if you would like to know who is accessing your data.

Capgemini is partnering with the leading global vendors and can assist you in finding and implementing the solution that is the best fit your organizations need.

click here for more details and apply to position

Tipical Questions
Describe A Time When Your Team Did Not Agree Questions pertaining to difficulties in the past are a way for employers to anticipate your future behavior by understanding how you behaved in the past and what you learned. Clarify the situation succinctly and explain what specific action you took to come to a consensus with the group. Then describe the result of that action.
Questions to ask
What can you tell me about your new products or plans for growth? This question should be customized for your particular needs. Do your homework on the employer’s site beforehand and mention a new product or service it’s launching to demonstrate your research and interest. The answer to the question will give you a good idea of where the employer is headed.