On May 25th 2018, the European Union (EU) will introduce its General Data Protection Regulation (GDPR). The GDPR is a set of regulations meant to protect the personal data of EU residents, and it enforces data privacy rules on how organizations collect, store and use that information, including information exchanged over email. Failure to comply with the GDPR carries heavy penalties, including fines of up to €20 million or 4 percent of global turnover. According to the Infowatch global data leakage report, email is the second largest channel for data leaks.

Some key elements of the regulation include:

  • GDPR applies to all organizations that process the personal data of subjects residing in the EU, regardless of the organization’s location.
  • Breach notification will become mandatory, and must be done within 72 hours of first having become aware of the breach.
  • EU residents have the right to obtain confirmation as to whether or not personal data concerning them is being processed, where and for what purpose.
  • The right to be forgotten entitles residents to have the organization erase their personal data and cease further dissemination of the data.
  • Privacy by design calls for the inclusion of data protection from the outset of system design, rather than as an addition.

Here are certain implications of GDPR on an organization’s emails and email security:

  • Personal data is classified as any information that includes personal email addresses, phone numbers, etc., that are commonly used for marketing.
  • Organizations in regulated industries such as retail, finance and healthcare have to deal with added layers of complexity to comply with competing regulations.
  • To implement appropriate technical measures to comply with “privacy by design,” organizations must add email encryption and compliance capabilities to their email security infrastructure.

To comply with GDPR, key capabilities to consider while evaluating your email security include:

  • A comprehensive multi-layered approach that provides strong inbound and outbound protection
  • Sandboxing and quarantining of any unknown email attachments to prevent breaches
  • Strong encryption and DLP for compliance and regulatory requirements

Download our tech brief to learn more about SonicWall Email Security’s compliance and encryption service, and how it can help you comply with the EU GDPR.

Ganesh Umapathy
Product Marketing Manager, SMA | SonicWall
Ganesh is the Product Marketing Manager for the SMA product line, where he drives go-to-market strategies, product marketing lifecycle and sales enablement.

Ganesh has over 8 years of experience working in the technology industry. His previous roles include Product Management and Marketing consultant for Fortune 500 companies. He has also worked in various capacities ranging from a software engineer to an IT consultant.

Ganesh holds an MBA from the University of Washington, Seattle and a bachelor’s degree in electronics & instrumentation engineering from India.
