Bekker's Blog

Blog archive

GDPR Tools Come Online from Kaseya, Microsoft

As the General Data Protection Regulation (GDPR) enforcement date approaches, major IT vendors are continuing to spin up tools and resources to help customers and partners ensure compliance and avoid potentially catastrophic fines.

GDPR is a European Union regulation for protecting the data and privacy of EU citizens. GDPR was approved by the EU Parliament in April 2016, and enforcement begins on May 25, 2018. It requires notifications within 72 hours of a breach, evidence of thorough efforts to protect customer data, and clear consent policies to allow EU citizens to opt out of data collection or have their data deleted.

The regulation is important beyond the 28 member states of the European Union because the EU will pursue fines beyond those borders for any organization anywhere in the world that handles the data of EU subjects. Maximum fines are up to 4 percent of a company's annual revenues or 20 million Euros, whichever is greater.

"This has serious teeth to it," says Mike Puglia, chief product officer at Kaseya and a veteran of many of the IT compliance preparation efforts over the last few decades. "[The fines] would be a material impact if not an operational-ending impact."

Kaseya on Thursday unveiled a GDPR Resource Center and Compliance Pack for helping customers worldwide bring their operations into compliance with GDPR. The core is the Compliance Pack, which is a free plug-in to VSA, Kaseya's remote monitoring and management tool.

"There are a lot of things that our customers do with our product that will help you comply: patching, anti-virus, anti-malware, backup, what user accounts are on those systems, when they have been accessed," Puglia says. "We've taken all those things that we do, and brought them together. I can feel confident that I am taking industry reasonable steps. The product itself can mitigate or remediate any issues, and [it does] reporting for evidence."

Kaseya's efforts this week at Kaseya Connect Europe in Amsterdam follow a related tool unveiled by Microsoft during its Ignite conference last week. That tool, the Compliance Manager, is planned to be a part of the Microsoft 365 Enterprise edition, which is a subscription combination of Office 365, Windows 10 and Enterprise Mobility + Security (EMS).

"Compliance Manager enables you to conduct real-time risk assessment, providing one intelligent score that reflects your compliance performance against data protection regulatory requirements when using Microsoft cloud services," wrote Alym Rayani, director, Office 365 Security, in a blog post about the tool.

A preview program of Compliance Manager is planned to start in November. The scoring tool will join other GDPR readiness tools from Microsoft, such as an online GDPR benchmark assessment tool and a GDPR readiness assessment tool for Microsoft partners to use to help customers.

Posted by Scott Bekker on October 05, 2017