Should emails be encrypted under GDPR
Effects of the GDPR on email security
Munich, SonicWall | Author: Herbert Wieler
Is your email security ready for EU GDPR?
On May 25, 2018, the European Union (EU) will introduce its General Data Protection Regulation (EU-DSGVO / GDPR).
The GDPR contains a number of regulations that are intended to protect the collection, storage and management of personal data in the EU. Failure to comply with the GDPR is expected to lead to severe penalties (max. 20 million or 4% of sales).
According to the Infowatch Global Data Leakage Report from 2016, which is unlikely to have changed much by now, emails are the second largest threat channel for emerging data abuse.
An early check of the current e-mail security with regard to the upcoming GDPR cannot hurt.
Some key elements of the GDPR
- The GDPR applies to all organizations that process personal data of EU residents, regardless of the location of the organization.
- The violation report is mandatory and must be made within 72 hours of the occurrence of the data abuse.
- EU residents have the right to receive confirmation as to whether, where and for what purpose personal data about them is being processed.
- The right to “be forgotten” entitles users to demand the deletion of their personal data and to prohibit its further dissemination.
- Privacy by design requires data protection to be included right from the start of the system design, not just added afterwards.
What does this mean for a company's email security?
Implications of the GDPR on the email system
- All information containing personal e-mail addresses, telephone numbers, addresses, etc. is classified as personal data, mostly used for marketing purposes.
- Organizations in sectors such as retail, finance, and healthcare are likely to face greater complexity in handling personal data to comply with regulations.
- In order to implement suitable technical measures to fulfill "privacy by design", organizations must incorporate appropriate e-mail encryption and compliance functions into their e-mail security infrastructure.
In order to comply with the regulations and to achieve a positive evaluation of the email security, the following guidelines must be observed:
- A comprehensive, multi-layered approach that offers strong inbound and outbound protection
- Sandbox and quarantine unknown email attachments to prevent violations
- Strong encryption and DLP for compliance and regulatory requirements