
Splunk: How Machine Data Supports GDPR Compliance


Virtualization Forum 2017
Praha, 1.11.2017
Arrow hall


  1. © 2017 SPLUNK INC. GDPR: Is machine data relevant and how can it help? The European General Data Protection Regulation. Giovanni Morreale, EMEA Technical Distribution Manager. Prague, 1st November 2017
  2. Goal of the General Data Protection Regulation: “The aim of the GDPR is to protect all EU citizens from privacy and data breaches in an increasingly data-driven world”
  3. Agenda: GDPR Briefing Overview; GDPR: A Deeper Look; How Splunk supports GDPR compliance; Splunk and Reporting Examples
  4. GDPR Briefing Overview
  5. GDPR Timelines. The regulation is binding across all EU member states. January 2012: Commissioner proposed reform to the data protection regulation. December 2015: EU agreement on the regulation, including the UK after Brexit. April 2016: EU Council adopted the new regulation. May 2018: Data protection framework comes into force (25th May 2018).
  6. Key Features of GDPR. Applicable to any company doing business in the European Union: European Data Protection Harmonization; Fines up to €20m or 4% of turnover; Mandatory Privacy Impact Assessments; Privacy by Design & Default; 72 Hour Breach Notification; Mandatory Data Erasure & Portability; Consent for Personal Data Profiling
  7. GDPR Advice from the Information Commissioner's Office
  8. GDPR: A Deeper Look
  9. Looking into the Details: http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN
  10. Article 32 – Security of processing. “Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:” Understand Threats & Risks; Use of Encryption & Anonymization; Regular Evaluation of the Security Policy & Practices; Ensure Confidentiality, Integrity, Availability and Resilience of PII Systems and Services
  11. Article 33 – Notification of a personal data breach to the supervisory authority. “1. In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay. … 2. The processor shall notify the controller without undue delay after becoming aware of a personal data breach. 3. The notification referred to in paragraph 1 shall at least: (a) describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned; (b) communicate the name and contact details of the data protection officer or other contact point where more information can be obtained; (c) describe the likely consequences of the personal data breach; (d) describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects. …”
  12. Article 34 – Communication of a personal data breach to the data subject. “In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.” … “1. When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall communicate the personal data breach to the data subject without undue delay. 2. The communication to the data subject referred to in paragraph 1 of this Article shall describe in clear and plain language the nature of the personal data breach and contain at least the information and measures referred to in points (b), (c) and (d) of Article 33(3).”
  13. Article 30 – Records of Processing Activity. “Each controller and, where applicable, the controller's representative, shall maintain a record of processing activities under its responsibility”
  14. Findings of the ICO at a Privacy Audit: Search and Report on data processing
  15. The Day in the Life of a GDPR Breach. You wake up in the morning and your data privacy officer is on the phone. ● The breach is happening: what it looks like ● Crisis communication internally ● Investigation steps ● Finding out who was impacted, when it started and what type of breach it was ● Communication strategy externally ● Data privacy audits from the government ● You need to prove you did everything to mitigate the risk for individuals ● You need to answer: when did you know what, and how did you know about it?
  16. How Splunk Supports GDPR Compliance
  17. Splunk can help your Organization with GDPR ▶ GDPR is about People (IT & Legal), Process and Technology ▶ Splunk helps to detect, prevent and investigate breaches • Breach Notification Article • Breach Communication to Individuals Article • Implement appropriate technical measures (Article) ▶ Prove GDPR security controls are enforced • Data security article / state-of-the-art tech / implement appropriate technical measures ▶ Search and report on personal data processing
  18. Splunk for GDPR: Prove GDPR Security Controls are enforced; Detect, Prevent and Investigate Data Breaches; Search and Report on Personal Data Processing
  19. Splunk for GDPR: Detect, Prevent and Investigate Data Breaches. Data Breach Notification: Article 33 – Notification of a personal data breach to the supervisory authority; Article 34 – Communication of a personal data breach to the data subject. (Platform diagram: Machine Data → Monitor, Detect, Investigate, Respond; Splunk Enterprise, ES, UEBA; On-Premise, Cloud, Hybrid | Analytics for Hadoop; use areas IT Operations, Application Delivery, Industrial Data & IoT, Business Analytics, IT Security, Compliance & Fraud; “Different people asking different questions… of the same data.” Analyst references: The Forrester Wave: Security Analytics Platforms, Q1 2017; Gartner MQ for SIEM, Aug. 2016)
  20. Splunk for GDPR: Prove GDPR Security Controls are enforced. Article 32 – Security of processing; Article 58 – Supervisory Investigative Powers. Risk Minimization; Report Compliance; DPIA
  21. Splunk for GDPR: Search and Report on Personal Data Processing. Article 30 – Records of Processing Activity; Articles 5, 15, 17, 18 and 28 – Data Subject Rights, Supply chain Obligations: Right to be Forgotten, Right of rectification, Right of access, Right of data portability, …
  22. Machine data plays a critical role and helps your organization to comply with the GDPR. Are you prepared? We invite you to ask for a GDPR Workshop!
  23. Questions to ask yourself (HINTS) ▶ What is the current status within your organization? Have Data Impact Assessments happened? ▶ Who owns the GDPR program in your organization? ▶ What are the key challenges? ▶ What expected changes will influence the IT department? What changes have happened already? ▶ What capabilities need to be established for breach notification? ▶ What capabilities need to be established for data privacy audits? ▶ How about monitoring of PII processing activities?
  24. Visibility and Enforcement for GDPR. (Diagram: Example Data Sources… On-Premise, Cloud, Hybrid; no rigid schemas – add in data from any other source. Outcomes: Report Compliance; Detect, Prevent and Investigate Data Breaches; Prove GDPR Security Controls are enforced; Search and Report on Personal Data Processing. Access via API, SDKs, UI. Protect …; Classify: SDM/ControlPoint …; Find: Trust Center …; Govern: Content Manager …; Security, IT-Ops, Cloud, IoT …)
  25. Splunk for Security & Compliance. Top Goals ▶ Continuously protect the business against: • Data Breaches • Malware • Fraud • IP Theft ▶ Comply with audit requirements ▶ Provide enterprise visibility. Top Splunk Benefits ▶ 70% to 90% improvement in detection and research of events ▶ 70% to 95% reduction in security incident investigation ▶ 10% to 30% reduction in risks associated with data breaches, fraud and IP theft ▶ 70% to 90% reduction in compliance labour
  26. CTA: Pseudonymization of PII. Stay compliant whatever occurs in your machine data: risk minimization strategy ▶ Data in transit: Encryption ▶ Data at rest: Encryption ▶ Data at rest: Integrity ▶ Data/Fields within Splunk: • Anonymization in raw event • Anonymization in presentation layer • Pseudonymization in raw event • Pseudonymization in presentation layer
  27. Splunk and Reporting Examples
  28. How can Splunk help? All data is security relevant: Security & Compliance Reporting; Real-time Monitoring of Known Threats; Detecting Unknown Threats; Fraud Detection; Insider Threat; Incident Investigations & Forensics
  29. Solution: Splunk, the Engine for Machine Data. (Diagram: Real-Time Machine Data from On-Premises, Private Cloud and Public Cloud sources: Storage, Online Shopping Cart, Telecoms, Desktops, Security, Web Services, Networks, Containers, Web Clickstreams, RFID, Smartphones and Devices, Servers, Messaging, GPS Location, Packaged Applications, Custom Applications, Online Services, Databases, Call Detail Records, Energy Meters, Firewall, Intrusion Prevention. Enrichment: References – coded fields, mappings, aliases; Dynamic information – stored in non-traditional formats; Environmental context – human-maintained files, documents; System/application – available only using application request; Intelligence/analytics – indicators, anomaly, research, white/blacklist. Outputs: Ad hoc search; Monitor and alert; Report and analyze; Custom dashboards; Developer Platform)
  30. The Splunk Platform for Security Intelligence: Splunk Enterprise (Core) with 200+ apps: Stream data, Cisco Security Suite, Windows/AD/Exchange, Palo Alto Networks, FireEye, Bit9, DShield, DNS, OSSEC; Splunk UBA; Splunk for Security
  31. Thousands of Global Compliance Customers
  32. Data Governance & Insight: Application Insights 360 ▶ Who is accessing which information?
  33. Data Governance & Insight: User Roles Overview ▶ Assigned roles and privileges
  34. What GDPR use cases does Splunk help solve? Splunk helps to detect, prevent and investigate breaches; Prove GDPR security controls are enforced; Search and report on personal data processing. Breach Investigation; Notification: 72 Hours
  35. Next Steps ▶ Next 7 Days • Identify GDPR systems and applications in scope • Find a lawyer within your organization and sync up with them to find out about their requirements ▶ Next 30 Days • Review the current capabilities you have in place • Think about how GDPR impacts the IT processes and systems you already have • Review how the GDPR requirements can be incorporated into other compliance mandates you have to comply with • Reach out to us for a GDPR Workshop
  36. Thank you
  37. Backup Slides
  38. Key GDPR Drivers: Data Protection & Privacy (The Eurobarometer survey – June 2015). How much control do you have over the information you provide online? To what extent do you trust authorities and private organizations to protect your data?
  39. Data… what data are we talking about? Personal Data (PD) • Data unique to an individual • Obvious identifiers → National Identifier, Passport No., Driver's License; email address (including work address) • Less obvious identifiers → Cookies/beacons, IP address, MAC address when connected to a person. Sensitive Data • Ethnicity, gender orientation, race, religion, sex, health, criminal history, etc.
  40. Thank You
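Slide 26 lists anonymization and pseudonymization of PII fields in raw events as risk-minimization measures, and slide 21 names the right of access. The following is an added example, not Splunk's code or configuration, that shows the difference on constructed login events: anonymization irreversibly masks the identifiers slide 39 calls personal data, while keyed pseudonymization keeps per-subject correlation and lets the key holder still answer an access request without the raw e-mail ever being indexed. The event format, regexes and demo key are assumptions.

```python
import hashlib
import hmac
import re

# Constructed sample login events (not taken from the deck).
SAMPLE_EVENTS = [
    "2017-11-01T09:12:03Z login user=alice@example.com src=203.0.113.7 result=ok",
    "2017-11-01T09:12:09Z login user=bob@example.com src=198.51.100.23 result=fail",
    "2017-11-01T09:13:44Z login user=alice@example.com src=203.0.113.7 result=ok",
]
# Identifier patterns the deck lists as personal data: e-mail and IP addresses.
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def anonymize(event):
    """Anonymization in the raw event: irreversible masking before indexing.
    The event stops being personal data but can no longer be tied to a subject."""
    event = EMAIL_RE.sub("<email>", event)
    return IPV4_RE.sub("<ip>", event)

def pseudonym(value, key):
    """Keyed token for one identifier. HMAC-SHA256 rather than a bare hash, so
    holding the events without the key does not allow re-identification by
    hashing guessed e-mails or the whole IPv4 space."""
    return hmac.new(key, value.lower().encode(), hashlib.sha256).hexdigest()[:16]

def pseudonymize(event, key):
    """Pseudonymization in the raw event: the same subject always yields the same
    token, so correlation across events survives for the key holder."""
    event = EMAIL_RE.sub(lambda m: "sub-" + pseudonym(m.group(0), key), event)
    return IPV4_RE.sub(lambda m: "ip-" + pseudonym(m.group(0), key), event)

def events_for_subject(pseudonymized_events, email, key):
    """Right-of-access lookup over pseudonymized data: recompute the token with
    the key and select matching events; the raw e-mail is never indexed."""
    needle = "sub-" + pseudonym(email, key)
    return [e for e in pseudonymized_events if needle in e]

def contains_identifiers(event):
    """Pre-index check: did any e-mail or IP address slip through?"""
    return bool(EMAIL_RE.search(event) or IPV4_RE.search(event))

if __name__ == "__main__":
    key = b"constructed-demo-key-keep-the-real-one-in-a-secret-store"
    masked = [pseudonymize(e, key) for e in SAMPLE_EVENTS]
    print(anonymize(SAMPLE_EVENTS[0]))
    print(events_for_subject(masked, "alice@example.com", key))
```

The key must live outside the index (and outside the presentation layer users see), otherwise the pseudonyms are as re-identifiable as the raw values.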
