Many organizations carry a burdensome responsibility to various regulatory bodies like the Securities and Exchange Commission or the US Department of Health and Human Services. These bodies can levy heavy fines on businesses that fall out of compliance or can’t demonstrate that they complied with industry security standards. Among the many tools and platforms available to organizations, network traffic analytics—and more specifically, network detection and response (NDR) technology—has become a go-to solution used to help businesses demonstrate compliance.Read more
The General Data Protection Regulation (GDPR) was adopted in April 2016 and went into effect May 2018. The European Parliament established GDPR as a mechanism to protect the personally identifiable information (PII) of European Union citizens. PII, as defined by GDPR, does not only encompass details like name, address, and birthday, but is much broader and includes online identifiers such as IP address, MAC address, cookie data, etc.
In my spare time, limited as it might be, I have been taking a deep dive class on anonymous browsing. Specifically, it goes into great detail on ways to hide under the radar and on many of the legal aspects of both sides. So far the class has been right up my alley!
The General Data Protection Regulation (GDPR) will go into effect on May 25, 2018. Although the European Union (EU) established the regulation, its reach extends across the globe. Any company that maintains personally identifiable information of EU citizens must comply or else risk significant GDPR fines.
The General Data Protection Regulation (GDPR) was adopted in April of 2016 and is set to go into effect on May 25, 2018. Between now and then, there is a lot for companies to consider and understand. The European Parliament established GDPR as a mechanism to protect the personally identifiable information (PII) of European Union citizens. PII, as defined by GDPR, is not simply details like name, address, and birthday, but is much broader and includes online identifiers such as IP address, MAC address, cookie data, etc.
Sometimes, opportunity comes from necessity. In the past week I was working on a larger deployment that had multiple compliance concerns. One of the specific rules required that we provide a fault tolerant solution. As you might have guessed, this required me to document how Scrutinizer leverages our Flow Replicator to provide the required fault tolerance. So when it came time to write my blog, it seemed logical to take the information that I gathered and share it with our blog community!
Every industry has a set of compliance standards to live up to, and many of these include cybersecurity components. Retail businesses maintain PCI DSS compliance; electric systems maintain NERC compliance, and so on. Generally, HIPAA applies to hospitals and other healthcare institutions. But as a recent HIPAA settlement at a university has proven, you may need to think about HIPAA compliance even if you don’t work in healthcare.
The European Union Data Protection Regulation (EUDPR) is imposing tougher data protection. Apparently the objective is to put pressure on businesses to put adequate security measures in place to prevent IS breaches.
I often receive calls from system administrators who want to set up a user bandwidth monitor. The admins aren’t always clear about what they mean by that, but by using NetFlow and IPFIX data it’s possible to create a variety of reports that could satisfy management’s demands for easily accessible insight into user activity. It’s simple enough to generate reports that show total bandwidth usage for the network’s devices. But we can also create reports that are fine tuned to monitor the bandwidth usage of discrete groups of users or of particular website URLs, so that management can keep abreast of what employees are doing and whether that use complies with enterprise network usage policy. I’m going to setup a couple of reports, then save them as gadgets on a dashboard so that managers will have quick and easy access to timely information about user activity.