Email is especially prone to violations of the General Data Protection Regulation (GDPR) for three reasons: it is the primary business communication tool, it is widely used for sharing and storing personal data, and it is still the number one threat vector for cyber-criminal exploits.
For this reason, companies must protect personal data stored in emails and also provide access to it - in your email archive - whenever the data owner asks for it.
What is the GDPR?
The General Data Protection Regulation is a new law in the European Union (EU) aimed at protecting the rights of individuals in respect of their data, and any organization that holds data about any resident of the EU is expected to comply.
GDPR was adopted as an EU law in April 2016 and will take full effect in May 2018.
Amongst other things, GDPR deals with the data you collect in the first place, how you tell people what you are going to do with it, what you actually do with it, how you store it securely, whom you allow to access it, and what happens if you fail to comply. At their heaviest, GDPR penalties can reach €20,000,000 or 4% of your global annual turnover, whichever figure is bigger.
GDPR & Email Security
- Implement appropriate technical measures to comply with “privacy by design”: organizations should add email encryption and compliance capabilities to their email security infrastructure.
- Ensure they will be able to comply with requests to exercise “the right to be forgotten” (the system may need to erase users’ personal data and cease further dissemination of the data).
- Be equipped to quickly understand when there has been a breach of personal data and notify authorities within 72 hours of identifying a breach.
- Be prepared to inform organizations as to whether or not personal data concerning them is being processed, where and for what purpose.
AnubisNetworks Mail Protection Service (MPS) and Its Key Capabilities
Our MPS solution was built with customer privacy in mind:
- Message Integrity: We never store clean messages, and our multi-layered approach provides a separation of messages and roles within shared platforms.
- Message Security: We have strong inbound and outbound protection, with real-time protection against spam, malware and phishing, as well as anti-fraud, anti-spoofing, authentication and encryption verification.
- Message Transparency: We offer extensive message details, permitting our customers to understand exactly the message path, the filtering process and the actions taken.
- System Robustness: We have secure access at the administration level (e.g. two-factor authentication, detection of different login attempts), multiple roles, including Helpdesk users with non-privileged access, and multiple delivery authentication, including AD synchronization.
- Compliance and Control: We offer DLP protection, quota management for outbound traffic, and distinct delivery IPs.
Our MPS Solution is trusted by our customers and we are working tirelessly to assist our customers in their efforts to comply with GDPR regulations that relate to corporate email security.
Author: Rui Serra
With degrees in Computer Engineering and Marketing, Rui started his career managing training documentation for IT Training and consulting firms. He then joined Nokia Siemens Networks as a Documentation Specialist and Project Scrum Master before joining AnubisNetworks in 2009, where he has advanced from managing documentation to Product Manager for the growing Product Portfolio.