Track Your GDPR Compliance with PRTG
Originally published on June 11, 2018 by Sascha Neumeier
Last updated on August 31, 2021 • 6 minute read
Apart from some events in the world of politics, hardly any topic has been as intensely debated in the past few weeks as the introduction of the new General Data Protection Regulation (GDPR), which came into force on May 25, 2018.
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA).
It also addresses the export of personal data outside the EU and EEA. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. (Source: Wikipedia)
Support from Suitable Software
To comply with the General Data Protection Regulation, companies need to take a plethora of security measures and monitor them constantly. To implement these measures and requirements, there are now a variety of software solutions on the market.
Through its Uptime Alliance Program, Paessler AG works together with the manufacturer EgoSecure, whose eponymous software solution covers a comprehensive portfolio of functions that enable companies to set up their IT infrastructure in compliance with the data protection requirements.
Monitoring of Data Transfer and Portable Media
The creation of templates for order processing, the meticulous filling out of the required procedure logs, or the revision of various rules and regulations are not really the most exciting administrative tasks for most people. Tangible, visible things that you can “grasp” are more interesting. So let’s take a closer look at three measures related to practice.
|Disk encryption||For security reasons, all USB data carriers need to be encrypted. This prevents unauthorized access in case of theft or loss of a data carrier.||When USB data carrier encryption is deactivated (on the client’s side or centrally), there is an alert.|
|Unknown storage devices||In the scope of data carrier encryption, an inventory is taken of all data carriers used in the company. Only inventoried data carriers can be used.||As soon as unknown data carriers connect to an IT device in the company, an alert is issued.|
|File transfer||Unnecessary transfer of data to mobile data carriers should be avoided. This is configured, for example, by saving a value for the number of files that may be copied to mobile data carriers per day.||If more than the defined number of files are copied to a mobile data carrier, a notification is issued.|
The solution approaches configured in the software can then be monitored directly using PRTG and, for example, visualized on a NOC dashboard. In this way, in addition to the IT and network infrastructure, the administrator can also directly see the company's data compliance.
Of course, there are countless other applications, in addition to the three examples mentioned above. For additional application options, areas and an overview of EgoSecure functions, visit this page.
Monitor Other Statuses with PRTG
Along with the mentioned figures in the field of the General Data Protection Regulation, you can monitor many other parameters and statuses using PRTG. RestAPI, JSON, HTML, SNMP, HL7, DICOM, HTTP – you can use various interfaces to transfer metrics to PRTG and visualize and monitor them there.
iSNMP stands for Simple Network Monitoring Protocol. Its usefulness in network administration comes from the fact that it allows information to be collected about network-connected devices in a standardized way across a large variety of hardware and software types. SNMP is a protocol for management information transfer in networks, for use in LANs especially, depending on the chosen version. Read more ...
Your Feedback Is Our Incentive
Do you also use PRTG to monitor devices and parameters that are not directly related to the IT infrastructure? Do you plan to monitor your data carrier encryption in accordance with the above-mentioned principle? Or did the new GDPR thwart you and you are now working in a whole other sector? 😉 We look forward to receiving your comments!