 |
As security functions within organizations prepare for the new European Union (EU) General Data Protection Regulation (GDPR) by considering changes in processes, people, and technical controls, it is important to ensure they consider the impact of GDPR on employee digital communications, especially in the context of current and planned cyber security monitoring programs. Security functions need to ensure their continued ability to leverage detective monitoring controls as a part of their overall security program, and employee personal communications can become an obstacle to monitoring programs if not managed effectively. This paper summarizes several key requirements of the GDPR as it relates to employee personal Internet use in the workplace and identifies emerging techniques and strategies to ensure the ability to maintain uninterrupted, comprehensive, efficient and effective monitoring efforts. |
GDPR Compliance and Your Cybersecurity Program
|
As security functions within organizations prepare for the new European Union (EU) General Data Protection Regulation (GDPR) by considering changes in processes, people, and technical controls, it is important to ensure they consider the impact of GDPR on employee digital communications, especially in the context of current and planned cyber security monitoring programs. Security functions need to ensure their continued ability to leverage detective monitoring controls as a part of their overall security program, and employee personal communications can become an obstacle to monitoring programs if not managed effectively. This paper summarizes several key requirements of the GDPR as it relates to employee personal Internet use in the workplace and identifies emerging techniques and strategies to ensure the ability to maintain uninterrupted, comprehensive, efficient and effective monitoring efforts. |
