Overview

The General Data Protection Regulation (GDPR) will take effect across the European Union starting on May 25, 2018. This is the biggest change to European Union (EU) privacy law in over 20 years, and it will have a major impact on how many organizations in the EU and across the globe collect, use, and store personal information about individuals.

As mobile devices, Cloud services and Internet of Things connectivity become integral tools in our daily professional and personal lives, there is a need for greater data security; as the daily breaches make evident, data security has not kept pace with the potential for exposure that these innovations bring. The goal of the GDPR is to create a standard set of security and privacy regulations that organizations must comply with to ensure an individual’s data is protected.

Although greater data protection is becoming more important than ever as our economies become digitized, the burden of updating security policies and strategies so that an organization complies with GDPR can be overwhelming and disruptive, and can take a considerable amount of time and resources.

The Challenge

With the majority of today’s businesses and services being conducted across international borders, Gartner estimates that more than 50% of companies that are affected by GDPR will not be fully compliant by the end of 2018 [1]. It is difficult to quantify how many global and smaller businesses are affected, but nevertheless, the number of companies is significant.

Because the GDPR regulations are mandatory, organizations are under increased pressure to take the necessary compliance steps quickly and have strategies in place by the May deadline, or face fines of up to 4% of annual global turnover or €20 million if they are found to be in breach of GDPR regulations [2].

Under GDPR, the burden of compliance does not just lie with the customer (or the data controller), but also with the cloud service provider. Therefore a customer that uses a cloud service provider to run cloud-based applications, or to store, collect or access customer information, will rely on its service provider in achieving GDPR compliance.

Some of the biggest challenges that organizations will face under GDPR compliance include:

  • Strict Penalties and Fines for Non-Compliance
  • Breach Notification Procedures
  • Appointment of Data Protection Officers (DPO)
  • Demonstrable Processes and Technology to Prove Protection of Data
  • Maintain Adequate Data Records
  • Right to Access
  • Ensure the Right to Be Forgotten

What Businesses Need to Do to Be Compliant

To comply with many of the new regulations, as well as adapt to modern technology innovations, organizations need to build more flexible architectures that let them incorporate innovative technologies and security solutions as they evolve without affecting business productivity, user access or user experience. However, this can quickly become expensive and complex when it involves updates such as legacy-to-Cloud infrastructure overhauls and the addition of one or more products to enhance data protection.

How BOHH Labs Helps With GDPR

BOHH Labs’ security solution was built with data security as a priority, so we are confident that our security platform, which can encrypt specific fields (GDPR, PII etc.), will help organizations successfully address GDPR requirements. The volume of data being collected, produced and handled by organizations is growing rapidly every day, and the privacy of that data has a significant impact on both organizations and customers. At the same time, while data protection is invaluable to companies and users alike, there is no benefit in keeping data protected if it is not accessible to anyone. Users want to know their data is secure without worrying where it is coming from or having their usability and convenience affected. BOHH is focused on securing data without any impact on user access: if users encounter issues accessing their data, they will find a different way of getting it, and this is what opens the door to the kind of big security threats we have seen weekly over the last several years. When breaches or loss of data occur, trust is broken between all parties.

Our approach to security is to become more dynamic within the existing system and to protect data from within by weaving together access to data with security at the foundation level. While our security approach focuses on Cloud data, on-premise data and data stores, the concept of securing and managing data in specific domains has many parallels with GDPR regulations.

We enable GDPR compliance with:

Unique, Dynamic Key Encryption: Our approach to security is to encrypt all data in real-time, both in transit and at rest, while still retaining search capabilities. Our patented, unique encryption algorithms use dynamic key creation that has no reliance on web security or key stores. Every data request is isolated from the requestor and is encrypted using transient keys that are destroyed after each transaction. This means the original data request never has direct access to the company network or backend database. It terminates intercepting party connections and renders any partial data a third party may obtain useless, making it very difficult for anyone, including a database admin, to steal usable data. This encryption technique enables us to help organizations mitigate data breaches and any associated penalties.

Federated Search for Data: While we believe it is invaluable to keep data protected, there is no benefit in keeping it protected if it is not accessible, and this is a core component of GDPR. Data subjects have the right to obtain from the data controller confirmation of whether personal data concerning them is being processed, where and for what purpose. BOHH Labs offers a patented, secure federated search that gives organizations the ability to quickly search for data while it remains fully encrypted, with document-level encryption at rest and in transit. Our search lets a single request perform a simultaneous search of all desktop, email, cloud stores and databases in real-time and return results in under a millisecond.

Data Records Maintenance: BOHH Labs’ proven security platform helps companies maintain data records and makes audit data available if required (although, as part of our data privacy philosophy, we do not keep historic data today; it can be stored within an enterprise database).

Secure Cloud Storage: Under GDPR, the burden of compliance does not just lie with the company but also with the Cloud service provider. This means any company using a third-party Cloud service provider to run Cloud-based applications, or to store, collect or access customer information, will rely on its service provider in achieving GDPR compliance. BOHH Labs offers enterprises using Cloud services a new, unique capability, Secure Storage as a Service, which provides the database-level or file-specific security that businesses desperately need. This lets on-premise deployments move selected applications, databases or infrastructure to a lower-cost, secure cloud deployment without impacting user access. Companies can choose which data to store there with full knowledge of its confidentiality and sensitivity.

Infrastructure Agnostic: Our secure application gateway is infrastructure agnostic and is deployed on top of existing systems, between the infrastructure, firewalls and transactions, in both Cloud and on-premise implementations. This means backend data is protected automatically as it flows in and out of the entire ecosystem, without interfering with any existing applications and without downtime or disruption to the business during implementation.

Data Masking: GDPR punishes businesses that fail to leverage appropriate protection measures, such as data masking technologies, as part of their overall security posture. Data masking enables companies to fulfill the GDPR requirement to pseudonymize (anonymize) sensitive data that could otherwise directly or even indirectly identify a specific individual. BOHH’s unique encryption capabilities help companies protect and mask data from unauthorized users.

The BOHH Labs Differentiator

What makes the BOHH security solution unique is its ability to secure data at ALL points of vulnerability: the request, the processing and the backend data stores. Every data request must be validated at each of these three points before moving forward; if at any point a data request is not approved, it is immediately dropped. This eliminates any direct access between the request and the backend systems and prevents intrusions into the enterprise system.

The BOHH Labs Approach to Security / How it Works

[Diagram: the BOHH Labs Secure Gateway, Processing and Connector stages]

  1. A request comes in and the Secure Gateway isolates the request from the requestor, terminating the original connection. The isolated request is encrypted and digitally signed and then sent to the Processing stage.
  2. The Processing stage uses a secure, sealed memory container to open a one-time-use, dynamically allocated port to accept the encrypted request. The request undergoes threat analysis checks to ensure it is not an attack; once approved, it is re-encrypted and digitally signed again before it is passed on to the Connector stage.
  3. The Connector stage opens another dynamically allocated port, reads the request and determines where the request needs to go to retrieve the information from the backend data stores.

Summary of BOHH Labs’ Business Value with GDPR

BOHH Labs is focused on data privacy and provides organizations with a simple and quick solution for meeting GDPR requirements with minimal impact on legacy systems and no compromise to performance, speed or customer accessibility. Key areas BOHH helps with include:

  • Compliance
    • Corporate governance of all data, documents, IoT, Cloud and mobile device access.
    • All data, or specific fields, encrypted at rest, in transit and in the User Interface (UI).
  • Enterprise-Validated, Patented Security IP
    • A security suite of Dynamic Key Encryption, Artificial Intelligence, Natural Language Processing, and In-Memory Distributed Block Ledger that secures all data access between all users, applications and backend database services.
    • Dynamic encryption (AES256), yet searchable storage and transport of documents and data.
    • With an increased focus on storing and retaining data for specific periods, BOHH’s security application gateway can help mitigate the need to store duplicate information using our unique database deduplication patent.
    • Secure data transfer and interaction with all IoT, Cloud and mobile devices in real-time.
    • Architecture secures end-points from external threats.
  • Continued Business Flow
    • Leverages existing infrastructure investments.
    • No downtime to implement or overhead.
    • Zero interruption to access of data with security mechanisms in place.
    • No database latency.

BOHH Labs’ security solution helps companies protect their data both within their firewalls and externally, enabling companies to adopt GDPR more easily. If you would like to know more about how we can help your company, please contact us at info@bohh.io.

References:
1. https://www.gartner.com/newsroom/id/3701117
2. https://www.eugdpr.org/key-changes.html