The General Data Protection Regulation
The introduction of GDPR demands stringent compliance by all organizations that store and maintain databases containing EU citizen data.
Specific articles under GDPR’s Compliance Guidelines pose challenges to organizations housing EU citizen data in their PeopleSoft systems:
“The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and purposes, recipients, time period…”
“In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority.”
Challenges with meeting these articles:
- PeopleSoft captures access information but not granular, activity-level data. In the event of an audit, these logs will not provide the data necessary to demonstrate compliance.
- An unmonitored security log records a failed login or malicious activity, but it might be days or even months before you find out about it.
How we solve it
ERP Firewall enables you to meet these specific GDPR requirements by showing how your data is being accessed and by whom, and by ensuring that all malicious activity can be discovered efficiently.
- ERP Firewall limits access to personal data and ensures that security is enforced to the level appropriate to risk.
- With ERP Firewall’s logging capabilities, an organization will have all of the data at its fingertips to meet all audit and compliance requirements – specifically Article 15.