The amount, sources and types of data that are collected and used by organisations today has exponentially grown, together with the value that can be gained from this data. How and where companies store, process and access data has moved from inside the traditional IT perimeter and server rooms into hybrid and cloud environments in data centres across the globe. Remote access continues to be named as the leading attack pathway in cyberattacks. Providing remote access is necessary for organisations to operate effectively, but it shouldn’t compromise the security of your data. With the fast-approaching enforcement of GDPR going into effect 25 May 2018, organisations need to be prepared to meet the new standards. Join Bomgar for an informative webinar on who is required to comply and how organizations can secure remote and privileged access to prepare for these new security measures.

1. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
GDPR and Remote
Access Security: What
Your Need to Know
Karl Lankford l 30 January 2018

2. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
Agenda
1. Current information landscape
2. Who is required to comply with
GDPR and how
3. Importance of secure access to
data privacy
4. How Bomgar’s solutions help meet
GDPR initiatives
5. Q&A

3. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
• Growth of ‘always on culture’
• Traditional storage and processing of personal data has changed
• Personal data has increased in value
The Information Landscape has Changed…

4. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
Who Is Required To Comply With GDPR?
• EU-based organisations
• Companies that process data of EU citizens

5. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
What do organisations have to do? Part One
• Implement “Privacy by Default” and “Privacy by Design”
• Maintain appropriate data security
• Notify data protection agencies and consumers of data breaches
• Get appropriate consent for most personal data collection and
provide notification of personal data processing activities
• Get a parent’s consent to collect data for children under 16
• Keep records of all processing of personal information

6. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
What do organisations have to do? Part Two
• Appoint a Data Protection Officer
• Take responsibility for the security and processing activities of
third-party vendors
• Conduct Data Protection Impact Assessments on new processing
activities
• Institute safeguards for cross-border data transfers
• Be able to demonstrate compliance on demand
• Provide appropriate data protection training to personnel having
permanent or regular access to personal data

7. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
How Can You Comply With GDPR?
• Identify What Data You Hold
• Where does the data reside?
• Who has access to the data?
• How is the data processed and
transmitted?

8. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
How Can You Comply With GDPR?
• Review Employee Training
• Where does the data reside?
• Who has access to the data?
• How is the data processed and transmitted?

9. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
How Can You Comply With GDPR?
• Consider your supply chain
• Who else has access to your data in
addition to your employees?
• Ensure that they have the necessary
policies and security measures in place to
be compliant if data is stored or processed

10. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
How Can You Comply With GDPR?
• Control and monitor access to your
data
• Ensure that by default personal data is
not made accessible to those who
don’t need it
• Give privileged users just the access
they need, enforcing least privilege
• Capture an audit trail and log all
session activity

11. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
Secure Access is Important
• Remote access solutions
continue to be leading
attack pathways used in
security breaches
• Credentials and
passwords are the ‘keys to
the kingdom’ that cyber
criminals target

12. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
Driving Factors for Implementing a
Privileged Access Solution
Already
suffered a
breach / breach
response
Easing the
burden of
Vendor Access
Risk/Mitigation
against cyber
breach
Adopting an
“assume they
are already in”
security posture
Update or
enforcement of
Corporate
Password
Policy
Compliance
requirement

13. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
Driving Factors for Implementing a
Privileged Access Solution
Already
suffered a
breach / breach
response
Easing the
burden of
Vendor Access
Risk/Mitigation
against cyber
breach
Adopting an
“assume they
are already in”
security posture
Update or
enforcement of
Corporate
Password
Policy
Compliance
requirement

14. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
• Eliminate a cybersecurity threat
vector
• Meet privileged access
compliance requirements
• Give them a privileged access
solution they’ll love
• Secure the access, defend the
credential
Bomgar Privileged Access Management

15. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
Summary
• Identify what data you hold
• Review employee training
• Consider your supply chain
• Control and monitor all
access to your data

16. ©2018 BOMGAR CORPORATION ALL RIGHTS RESERVED WORLDWIDE
Questions?
Karl Lankford | Bomgar
Questions?
Karl Lankford
www.bomgar.com