21
GDPR and Technology Technology Services Group 6th July 2017
GDPR and Technology
Technology Services Group
6th July 2017
You can’t afford to ignore
the new regulations GDPR imposes a new set of security and privacy
requirements, and with the deadline for
compliance fast approaching, you need to begin
reviewing your data management practices now.
Failure to comply with GDPR could prove costly, but
equally there are significant benefits to be gained
from better understanding customers by better
understanding the information held on them.
Whilst there are a numerous governance and
procedural issues that need to be addressed,
technology should play a key role and those already
using Office 365 have access to powerful tools for
e-Discovery and the management of policies.
Of course, keeping personal data secure using
encryption, backup, device management and data
loss prevention is an absolute essential.
Why you can‘t afford to ignore GDPR
• Fines of £17.5m or 4% of global turnover,
whichever is higher
• Key principles such as the right to be
forgotten and information requests
• The requirement to notify a data breach
within 72 hours
• The need to establish a clear legal basis for
holding and processing personal data
Where technology can support GDPR compliance
DISCOVERY
• Identifying what personal data you hold
PROTECTION
• Establish controls to prevent, detect and
respond to vulnerabilities and breaches
MANAGEMENT
• Govern how data is used and accessed
REPORTING
• Maintain documentation, manage data
requests and report breaches
KEY TECHNOLOGIES
Rights management
Device management
E-Discovery
Anti-malware
Backup
Encryption
Data loss prevention
Automated workflow
GDPR – how technology can help
A range of resources to help you understand what’s required of your business
GDPR – resources: www.tsg.com/gdpr
GDPR compliance is not a linear process, however, it’s likely that you will need to
address these areas:
GDPR – roadmap
Securing your data Sophos SafeGuard Enterprise Encryption
allows you to protect information and
manage compliance. Safeguard is the most
complete data protection solution on the
market today, protecting data on multiple
devices and operating systems. So
whether you are working in the cloud or
on a laptop your data is secured.
SafeGuard Encryption is built to match
your organizational requirements and
processes without slowing down
productivity.
Modular options include;
• Safeguard for file shares
• Safeguard for devices
• Safeguard for cloud storage
• Safeguard for removal media
Key features • Single console to manage disk, file,
cloud and removal media encryption
• Provides quick view of security status on
all devices
• Simple reporting and auditing to
monitor compliance
• Internationally recognised encryption
standards
• Encrypts in the background so prevents
impact on users
• Prevent unauthorised users accessing lost
or stolen company data
• Ensures compliance with internal policy
and external regulation
• Transparently encrypts data on laptops,
desktops and portable media
• Manages 3rd party encryption tools like
BitLocker and Mac FileVault 2 drive
encryption
SafeGuard Encryption from TSG
Why you need Intercept X
Security in a business is key to protecting
crucial, sensitive documents, and also
defending from financial ransom.
Intercept X, from Sophos, is a new
generation of ransomware protection
that shields your business from any
Ransomware attack.
Around 54% of businesses in the UK are
affected by Ransomware, and this figure is
only going to increase if businesses have
no safeguard in place.
Protecting against
Malicious Malware
Sophos Intercept X is a subscription based
solution which prevents the malicious
spontaneous encryption of data by all forms
of ransomware.
Intercept X features Cryptoguard, which is an
exclusive Sophos patented technology to
block malware from entering your computer.
More importantly, Intercept X also offers
features like Root Cause Analysis, so you’re
able to track how an attack was attempted,
and Intercept X will learn how to prevent it
from happening again in the future, as well as
cleanse your entire computer of any dormant
malware that may be a threat in the future.
Key features • Cryptoguard blocks any Ransomware
attacks
• Integrates into any endpoint system
• Root Cause analysis
• Exploit prevention
• Clean Up cleanses your computer of any
dormant malware after an attack
• Prescriptive guidance for strengthening
your organisations security
• Blocks zero-day threats
Sophos Intercept X from TSG
Create a culture of
security and vigilence Over 90% of Ransomware attacks have
been successful via the use of emails, and
more specifically users clicking unsafe links
or opening unsafe attachments.
Sophos Phish Threat allows businesses to
‘test’ the vigilance of their users by
creating ‘fake malicious emails’,
monitoring their response and following
up with appropriate training for those who
fall victim.
Campaigns and training modules are fully
customisable, and the results are
presented in easily-formatted reports.
Manage simulated phishing campaigns
Personalized training for end users caught
out by a simulated attack
On-demand phishing assessments
Automated reporting on phishing and
training results
Sophos Phish Threat
Mobile device protection The last couple of years have witnessed an
explosion of tablets, smart phones and
transformers and many now use multiple
devices to access company networks, email,
business applications and other highly
sensitive information, managing work
alongside social lives.
These devices are mobile, data is often stored
locally and the divide between work and
personal use is becoming increasingly
blurred. In the world of social media,
exposure to security risks, data breaches and
privacy violations increases dramatically if the
devices themselves and the applications on
them are not adequately secured.
Sophos Mobile Control (SMC) delivers
comprehensive security and controls, from
anti-malware to encrypted file sharing for
sensitive corporate documents.
Key features • Manage and control iOS, Android
(including Samsung KNOX) and
Windows Phone
• Configure device policies and deploy
them over-the-air
• Enforce built-in security features such as
passcodes and device encryption
• Full loss and theft protection with lock,
wipe, and locate
• Set up group-based compliance policies
• Automatically scans all newly installed
apps for malware
• Quarantines infected devices
• Protects users from accessing malicious
websites and blocks web pages by
category
• Controls Wi-Fi, NFC, Bluetooth, access
to other app stores, and device
encryption
Enterprise Mobility Management (EMM) from TSG
Accelerated discovery of
advanced threats As advanced attacks continue to become
increasingly coordinated, Sophos has
developed a unique and unprecedented
solution to the protection of your
technology environment.
Sophos Security Hearbeat shares
intelligence in real time across a trusted
channel between your endpoints and your
firewall.
This simple step of synchronizing security
products that previously operated
independently creates more effective
protection against advanced malware and
targeted attacks, giving you instant
visibility into the security status of all your
protected endpoints and systems.
According to independent testing,
endpoints can be isolated in within 8
seconds of threat identification.
"We consider Sophos XG
appliances and Sophos
Heartbeat software to be a
significant innovation that
can raise security performance
standards for medium-sized
organizations"
451 Research
Synchronised Security
All-in-one protection Sophos UTM gives you complete security
from the network to the endpoint within a
single appliance that includes firewall,
VPN, IPS, WiFi, web filtering and
application control. Wherever your users
work, you can be confident they’re safe
from viruses and hackers.
Sophos UTM’s simple, intuitive user
interface (UI) lets you quickly protect your
network and users. And it makes day-to-
day management tasks easy.
Daily summary reports and at-a-glance
flow graphs mean you’ll know exactly
what’s happening with your users.
Using Intel multi-core technology, solid-
state drives and accelerated in-memory
content scanning, Sophos UTM delivers
truly outstanding performance.
• TSG is one of only two Sophos
Platinum Solution Partners in the UK
• Proven protection against exploits
and intruders
• Connect your offices
• Secure access for remote workers
• Safely authenticate users
• Easily manage daily tasks
• Maximize your network performance
Unified Threat Management from TSG
All the network protection you need to
stop sophisticated attacks and advanced
threats while providing secure network
access to those you trust.
• Network Firewall
• Intrusion Prevention System
• Advanced Threat Protection prevents
targeted attacks and APTs
• Secure VPN Access and remote
access with secure SSL or IPsec
• Site-to-Site VPN
• Self Service User Portal with built-in
reporting
• Protection against network flooding
– DoS, DDoS, port scan
• Deep packet inspection with over
18,000 definitions
With content-based threats a constant
problem for businesses of all sizes Sophos
UTM’s Secure Web Gateway prevents
malware infections and gives you control
over your employees’ web use. Spyware
and viruses are stopped before they can
enter the network. And, you can quickly
create policies that set where and how
employees spend time online.
• Web Malware Protection
• URL Filtering Policies
• SafeSearch, YouTube, and Google Apps
• HTTPS Scanning
• Application Control
Simplify your wireless networking by
using Sophos UTM as a wireless controller
to centralise your WiFi management
and security.
• Plug & Play Deployment
• Multiple WiFi Zones
• Reliable High-Speed Wireless
• Mobile Network Access Control
• Guest WiFi Hotspots
• Secure Encryption
• Complete UTM protection for wireless
clients
• Quick voucher-based guest access
customisable with your brand
• Centrally controlled wireless
• No local configuration of access points
• Automated channel optimisation for
maximum performance
Unified Threat Management from TSG
Not just data protection Datto provides an industry leading hybrid
on premise & cloud backup & DR solution.
This advanced technology provides
localised granular data backup and
recovery, with a secondary cloud backup
to provide real peace of mind.
Coupled with the high quality backup is
the ability to locally recover servers on the
Datto appliance in the event of a disaster.
If the local appliance is also affected by the
disaster, the solution provides the ability to
recover your servers in the Datto cloud
providing continuity of service.
Key features • Secure Data Backup on premise with
rapid local granular restore
• Hybrid Cloud backup to provide
additional off site backup copy
• On premise Disaster Recovery, keeps
your business operational
• Cloud Disaster Recovery, provides
recovery even if local DR service lost
• Data de-duplication & compression
• 500GB to 30TB backup options
• 1 year cloud retention with unlimited
data capacity
• 3 Year service plan with hardware
warranty included
• Backup monitored and protected with
TSG SystemCare
• Screenshot verification
• AES 256 + SSL key-based encryption
•
Datto Solution Overview
Featured Technology Instant On-Site/Off-site Virtualisation
Instant local appliance or secure server
recovery to the cloud.
Inverse Chain TechnologyTM
Each time a backup occurs it converts
directly to a Virtual Machine (VM) with the
most recent always being the base.
End to End Encryption
All data protected by AES 256 encryption
in transit and in the cloud. Optionally you
can also encrypt data locally.
Screenshot Backup Verification
Datto appliances boot the VM after
backup and screenshot to prove successful
Backup Insights
Easily identify file or application changes
between any two backups
Centralised Management
Easy to use web based console to manage all
Datto appliances
Bare Metal Restore
Restore full VMs efficiently through USB using
disimilar hardware. No drives or cables
needed.
Broad Platform Support
From Windows 2000 to 2012 and granular
restore of MS Exchange and SharePoint.
Solution Elements • Instant On-Site Virtualisation
• Instant Off-Site Virtualisation
• Hybrid VirtualisationTM
• Local and Off-Site File Level Restore
• VMDK/VHD Export
• Inverse Chain TechnologyTM
• RoundTrip Device Seeding
• Screenshot Backup Verification
• Bare Metal Restore
• Granular Exchange and SharePoint
Recovery
• End-to-End Encryption
• Unlimited Cloud Storage Capabilities
• Backup InsightsTM
• ownCloud on SIRIS
• Unlimited Agent Licensing
Datto Solution Elements
Backupify O365 Backup
Datto Backupify for Office 365 is the
leading cloud-to-cloud backup solution,
offering an all-in-one backup, search,
restore and export solution for Office 365.
An astonishing 1 in 3 companies report
losing data stored in cloud-based
applications.
Gone. Lost. Forever.
Backupify ensures that companies can
access, control, and most importantly, own
the data they entrust to the cloud.
As companies increasingly move data into
cloud-based applications, many think
traditional IT best practices are outdated.
Secure Balance security and transparency with
powerful security controls and robust user
lifecycle management, as well as
protecting valuable business data from
accidents or malicious acts.
Why Backupify? Many aren’t aware that Office 365 data,
including emails and documents held in
OneDrive and SharePoint, is only retained on
a 30 day rolling basis.
Equally, if an Office 365 account is deleted or
transferred, even temporarily, all associated
data is deleted with immediate effect.
Backupify ensures business-critical data is
always backed up seamlessly, restored quickly
and protected securely, all while giving
companies more authority to manage and
own their data.
Trusted backup Spend more time on business and less time
managing backups.
• Automatic 3x/day backup for Exchange,
OneDrive, and SharePoint
• Perform additional backups as needed
at any time
• Dashboard for notifications at a glance
• Unlimited data storage in Datto Cloud
Effortless restore • Advanced search capabilities to restore
individual items or entire folders
• One-click restore for ease and speed
• Differentiate restored data in the SharePoint
Library to avoid overwriting data
• Retain user data – even inactive users – with
Backupify forever
• Access historical snapshots or versions of all
business data with help from our 24/7
Support Team
• Retrieve data in its original format (file and
label structure)
Datto Backupify for Office 365
Automated SharePoint
Metadata
Notoriously labour intensive and subject
to individual interpretation, accurate
metadata has long been the holy grail for
those managing complex document and
data sets.
Using ground breaking technologies like
Natural Language Processing and Machine
Learning to effectively ‘read’ documents,
TermSet is well positioned to revolutionise
search, governance and navigation
resulting in huge savings of time and
money.
By automatically adding accurate,
consistent metadata and taxonomies
Termset is likely to have a significant
impact on the deployment of SharePoint
solutions, especially where the focus is on
knowledge or document management.
Key Issues • Users rarely add reliable metadata
• Random or inconsistent metadata is
worse than none at all
• Tagging legacy content can be
extremely time-consuming
• According to IDC over 80% of
information is in unstructured content
such as Office documents, PDFs and
• And average workers spend 2.5 hours
a day searching for information
• Gartner suggests that organisations
who solve the metadata challenge –
exactly what TermSet does - will have
a significant competitive advantage
Metadata & taxonomy? Metadata is the tags that allow you to
search for relevant information – i.e. size,
location, order no. customer ID, etc. and
taxonomy is how metadata is categorised.
How TermSet works Termset intelligently recognises entities
within documents and can also identify
information such as concepts, sentiment
and relationships
TermSet
Discovery & Enrichment
FIG.1 shows a document library before the
documents have been ‘read’ by TermSet.
The information generated when the
documents were created is limited to date
and author which are of limited value.
FIG.2 shows that a number of columns, i.e.
taxonomies, and metadata have been
automatically added following TermSet’s
‘Discovery and Enrichment’ phases.
Based on an average reading speed
of 250wpm and an average page
containing 500 words, it would take
one person 14.5 days to read, build
taxonomies for and manually tag
1,000 2 page documents.
We’ll show you how TermSet could
do the same and more within a
matter of seconds.
TermSet in action
FIG.1
FIG.2
The GDPR Challenge
The incoming General Data Protection Rules (GDPR)
will have a significant impact on all businesses, with
stringent rules on the way your organisation
processes, handles and owns Personally Identifiable
Information (PII).
With the Right to be Forgotten, customers and
colleagues can request the removal of their data
from your systems within only 72 hours.
With fines of 4% of global turnover or £17.5m –
whichever is higher – for non-compliance, abiding
by GDPR is essential to your business, no matter the
size. But how do you discover all of your PII data?
The solution: TermSet ScanR ScanR automatically scans all documents for PII and
retrieves any sensitive personal data. It works across
many systems including SharePoint, Office 365,
OneDrive, CRM, multiple databases, Google Docs,
Dropbox and more.
What’s more, once this information has been
retrieved, you can set up workflows for routing,
governance, classification and quarantine purposes.
• Automatically scans, identifies and
retrieves all personal info in documents
• Auto-generated dashboards show you
where your sensitive data appears
• Allows you to comply with GDPR while
saving significant amounts of time
• Query your data quickly to respond to
compliance requests immediately
ScanR from TermSet
See The Whole Story
Within Your Data.
You’ve got your data. Now how can you
transform your data from an underutilised
asset into a competitive advantage?
Qlik Sense® is the next-generation visual
analytics platform that empowers everyone to
see the whole story that lives within their data.
Freely explore, cleanse, transform and unify
multiple data sources to discover insights you
never thought possible.
With Qlik Sense®, you can easily create flexible
and interactive ways of presenting your data, in
a way that’s simple to use and understand on
any device, anytime.
Whether simply consuming, exploring and
analysing, creating, or collaborating – Qlik
Sense provides visual analytics capabilities that
delight and empower everyone.
The highlights • Next-generation Business Intelligence
software that allows anyone to see the
whole story within their data.
• Smart visualisations introduce innovative
ways to convey meaning in data.
• Visualisations dynamically update to
changes in context from user interactions
anywhere in the app.
• Every user becomes a business analyst.
Simply drag and drop to create new
visualisations in seconds.
• Probe ALL possible associations that exist
within your data, across ALL of your data
sources, and explore new relationships.
• Find and share relevant analyses through a
centralised, governed hub.
• Advanced data preparation allows
organisations to cleanse, transform and unify
data from seemingly disparate sources.
Introducing Qlik Sense®
Process automation
and improvement
The powerful combination of forms and
workflow from Nintex allows you to tackle
everything from basic business functions
to company-wide processes.
It’s the tool that our team of award winning
SharePoint experts turn to when building
solutions that deliver significant business
process improvements for our customers.
Start by asking yourself “What’s my most
manual process?” and the chances are TSG
can automate it with Nintex.
Using Nintex, you can quickly turn time-
consuming, manual steps into automated,
efficient workflows; assigning tasks;
gathering input; publishing documents;
recording opportunities; approving
requests; and far more.
Forms and workflow can make an impact across all areas of the business:
HR
• From training and performance reviews to to
leave requests and employee onboarding
OPERATIONS
• Purchase, procurement & works orders;
Supplier, contract & project management
IT
• Service desk requests, managing users,
maintenance and upgrades
FINANCE AND ADMINISTRATION
• Expense approvals, bank account
management, governance & compliance
SALES AND MARKETING
• Opportunity management, sales order
processing and campaign management
CUSTOMER SERVICES
• Knowledge management, guided
questioning & complaints management
Nintex Forms and Workflow
Winner of the 2016 Solution
Innovation award for EMEA
Connect content to
automate processes Currently in preview and available as part
of Office 365, Flow allows you to automate
almost any time-consuming task or
process.
Whether it's a complex multistep process
or a simple one-step task, your Flows work
in the background to boost your team's
effectiveness, productivity, and
performance.
Flow connects with 45 popular online
services and new gateway functionality
allows you to establish secured
connections with on-premise data sources
and integrate them with your Flows.
Key Features How you might use Flow
• Connect to a wide range of external data sources
• Create from scratch or use pre-existing templates
• Add actions and conditions
• Particularly powerful when used with SharePoint and PowerApps
• Provide a simple way to share or collect information
• Set up a simple one-step Flow that notifies the
whole team whenever a work item is updated
• Create a complex multistep Flow that captures,
tracks and follows up with new sales leads
• Get notifications, synchronise files, organise data
and automate approvals
Microsoft Flow
Help your users to
remain compliant Compliance tools within Office 365 allow
you to identify, monitor, and protect
sensitive data and even help users
understand and manage data risk.
Office 365 data loss prevention helps you
stop data leakage before it starts, by
setting up and applying policies and rules
that fit the needs of your business and the
type of data you hold.
Policy tips ensure that users don’t email
sensitive information to unauthorised
recipients, thereby preventing the
accidental release of confidential data.
Identify sensitive information
Protect and prevent inadvertent disclosure
Works across multiple location
Apply specific conditions to your policies
Office 365 Data Loss Prevention
![[GDPR Webinar Slides] Path to GDPR Compliance](https://static.documents.pub/doc/80x56/586fe3d11a28ab18428b80f7/gdpr-webinar-slides-path-to-gdpr-compliance.jpg)
