Channel partners fulfill a critical role for their customers by guiding them toward the best technology investment given their unique business needs. Until now, the notion of data security was highly important but not viewed through the lens of meeting PII data privacy compliance requirements. However, with the rise of conflicting US regulations between states and the federal government, as well as the imminent implementation of EU’s GDPR, channel partners have a unique opportunity to further extend their value.
Let’s explore, just a bit, how complex, confusing and convoluted the data privacy landscape is:
- 47 US states have data privacy laws on the books each with their own compliance rules
- 72 hours is the deadline for breach notification to meet GDPR regulation
- US ISPs can now monetize data collection, similar to their social media counter parts
- US federal government has passed that data privacy rules do not extend to non-US citizens and
- US enterprises that house EU citizen PII data must comply to GDPR according to the regulation – it may be hard to collect fines against them, but they can be sued
- Privacy Shield related legislation allows for EU citizens to file class action lawsuits against US companies for data mishandling
...and the list goes on and on.
Most of the conversation regarding data privacy preparedness have been geared toward all the things that businesses need to do in order to become compliant. It’s easy to say; but how do you connect the dots between what needs to be done and actually doing it?
At CSPi, we recommend the following best practices for improving Cyber-Attack incident response and meeting data privacy compliance regulations:
- Know what types of critical data you have and where it resides
- Tune your threat detection systems to watch these devices
- Capture and record all data conversations involving these applications on these assets
- Extract the particular conversations when you get a corresponding alert from your firewall/IDS for detailed analysis – to verify if a breach occurred and what was accessed
- Automate the process with as little human interaction as possible
Channel partners who can marry these two elements together and can educate the customer on how best to deal with these requirements will have the advantage over other industry providers. Our Myricom nVoy solution was built to meet these latest compliance regulations while uniquely suited achieving best-in class practices as outline above.
I encourage you to review our newly published article on Channel Partners for more details regarding partner engagement. Contact us about your data security requirements and we’ll help find an optimized solution.
To learn more about our Myricom nVoy Series and Advanced Forensic Framework, download our Application Note.