No visibility in the GDPR era, be ready for BIG fines!
Legal problem!!! -
As of May 25, 2018 the EU General Data Protection Regulation (GDPR) went into effect. GDPR requires compliance for any company interacting with persons in the EU and enforces strict standards on data handling and extremely fast responses to breaches of Personally Identifiable Information (PII). Failing to fulfill these requirements can have dire consequences with fines ranging from a minimum €20.000.000,00 to 4% of a company’s gross annual earnings. The demands that the GDPR places upon an organization are not only daunting but can seem insurmountable.
Get Visibility #1
First steps - The first step - a data flow and dependencies map to identify:
- Data items (e.g. names, email addresses, records);
- Formats (e.g. online data entry, database);
- Transfer and sharing methods of data;
- Locations where data is stored and needs protection inside and outside;
- Who is connected to who and who has what information – via the network!
Technical problem #1 - Visibility
i.e. – access – Full visibility, filtering on databases to see who has access, servers where data is stored, who has access, apps that share data, ..etc
#1 Visibility - More Examples of visibility through packet broker panels - click on to expand
Technical issues – visuals /screen captures showing issues being solves (NPBs cannot entirely solve these issues because NPBs prepare the data for monitoring tools)
- Baseline visibility – different apps, areas of network…etc
- Performance issues internal, external from apps to internet..etc\
- Problems recognized – loss frames, duplicate paths, slow or no responses,
Back to Marketing and Sales - This is not an impossible task with a modern easy to use packet broker will be able to shed light on your organization’s traffic by providing full network visibility and eliminating the network “blind spots” that are so detrimental to GDPR compliance. Network monitoring and security tools are a critical component of the network infrastructure and the GDPR ups the ante for detecting and responding to breaches, leaks and security issues. With that in mind it is paramount that those tools always have a complete picture of the network.
The first step to achieving comprehensive network visibility is gaining access to the data traversing your network. TAPs allow devices and tools to see every bit of traffic on the wire and, unlike SPAN and mirror ports, TAPs monitor bidirectional traffic, pass all physical errors on the links, and will never drop packets due to an overburdened processor or oversubscribed port.
Once you have access to your traffic it becomes necessary to ensure that the traffic is forwarded to the appropriate monitoring and security tools accurately and efficiently. The role of the NPBs is to make sure that network monitoring and security tools receive all the relevant traffic needed to properly perform their functions and none of the unnecessary traffic that wastes computational resources. Copy, forward, and load balance traffic to tools such as IDS, IPS, DLP, DAM (Database Access Monitoring), Firewalls, and FAM (File Access Monitoring). Toolsets performing computationally expensive tasks (DLP, FAM, DAM) operate at speeds that are a mere fraction of that of the network. Modern NPB’s make it is possible to maximize the performance of these appliances by dropping irrelevant traffic beforehand while also ensuring that they see the entirety of the network (not just the edge) by aggregating multiple TAP traffic sources together. If a network monitoring or security appliance suffers a failure the Packetmaster will intelligently bypass the appliance or reroute the traffic to spare on standby. The ability for devices to integrate and interact in an autonomous and dynamic fashion can aid greatly in the efficacy and responsiveness of any security or monitoring solution!
The GDPR not only places additional emphasis on responsiveness and transparency with respect to data breaches, but mandates stricter rules with regards to the definition of PII and how it needs to be handled. While it is undeniably important to maintain complete network visibility it now becomes just as important to limit the exposure of traffic containing PII for persons in the EU. Network Packet Brokers MUST be able to be configured to identify traffic containing sensitive customer PII using filters. The ability to modify and push new frame and packet headers to traffic serves to obfuscate the original customer’s data (MAC and IP addresses are now both classified as potential Personally Identifiable Information) and the Packet Slicing/Truncate feature allows the payload to be stripped from sensitive traffic as needed. The ability to simply prevent sensitive traffic from reaching certain toolsets by dropping it is an option as well. Any advanced NPB deployed should be able to protect customer’s Personally Identifiable Information (PII) without compromising your organizations security and monitoring posture.
If have access to all your data for DPI, storage , security view…etc than you should know about the latest and most advanced Cubro Sessionmaster series of Network Packet Brokers that boast advanced features and filtering beyond OSI Layer 4 to Layer 7 with no lost due to filters. The ability to perform SSL decryption is key to inspect and monitor encrypted traffic streams. Regex pattern matching identifies critical PII (credit card numbers and phone numbers for example) which can then be masked, removed, or encrypted before being processed.
The General Data Protection Regulation will now introduce significant changes in the everyday operations of all businesses and organizations worldwide.
Check out Cubro,they are ready to provide your team with best network visibility tools possible to meet the demands of the GDPR and the other many challenges that you face daily.
Author- Derek is the senior sales engineer for Cubro’s North American operations. Derek began his career working in the technology sector with small to medium business clients. Tasks involved everything from pulling and testing cable, on-site support, equipment installs and configuration as well as managing hosted email and VoIP services. This eventually paved the way to the opportunity to work for Cubro and dive head-first into the Network Visibility space. Working for Cubro provides an environment that continually provides challenges and opportunities to develop new skills, knowledge, and problem-solving strategies. While there are truly unlimited facets to the technology space that intrigue Derek he is primarily focused on studying Network Automation, Network Security and Application Security and believes Network Visibility, as well as understanding how networks function, are critical aspects to each of these disciplines.