by Cesar Navas
April 23, 2024
This dashboard provides organizations with information that measures compliance against standards related to the General Data Protection Regulation (GDPR). The GDPR is a comprehensive data privacy regulation that came into effect in the European Union (EU) on May 25th, 2018. The GDPR is designed to strengthen and unify data protection for individuals within the EU and the European Economic Area (EEA).
The GDPR replaced the previous Data Protection Directive and introduced new requirements for organizations that process personal data. Simply put, the GDPR grants rights to residents of the EU/EEA over how their personal information is processed and stored, no matter if the processing is online or offline. The three core areas of the GDPR are data governance, data management, and data transparency. The GDPR applies to all organizations within the EU/EEA, no matter the size.
Article 32 (Security of Processing) of the GDPR requires Data Controllers and Data Processors to implement technical and organizational measures appropriate to the level of risk posed by processing personal data. Additionally, data controllers and data processors must take steps to ensure that any natural person with access to personal data does not process the data except on the instruction of the controller, processor, EU law, or member state law. At a minimum, data security should pseudonymize or encrypt personal data and maintain ongoing confidentiality, integrity, and availability. In the event of a physical or technical security breach, data security should also be able to restore the availability of access to data. This dashboard helps organizations determine compliance with sections 1, 2, and 4 of Article 32.
Tenable provides several solutions for organizations to better understand vulnerability management. Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Vulnerability Management (formerly Tenable.io) discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture. The requirements for this dashboard are: Tenable Vulnerability Management.
Widgets:
- Framework Result Summary - GDPR: This widget provides compliance results (Passed, Warning, Error, Failed) for the compliance standard being referenced.
- Control Summary - GDPR: This widget provides compliance results for each control family within the compliance standard.
- Audit Check Type Summary - GDPR: This widget provides compliance results for Windows and Unix hosts within the compliance standard.
- 32 Security of processing - GDPR: This widget provides details on each of the compliance controls for the compliance family group being referenced. The compliance control reference number is followed by a count and the compliance result for the compliance control.