GDPR AND FILE TRANSFER
- Data retention policies
- Secure data transfer protocols
- Encryption of data at rest
- Detailed auditing and reporting
- Authentication and access control options
- High availability / disaster recovery
- Integrate with AV and DLP tools
- Controlled platform for ad-hoc sharing/collaboration
GDPR COMPLIANCE WITH EFT ENTERPRISE
-
Secure protocols to protect data in transit
-
Robust authentication to control who can access data, plus optional multifactor authentication
-
Full audit log to trace data
-
Encryption options for protecting data at rest, including OpenPGP
-
Optional secure data wiping, otherwise known as data sanitising
-
Local-managed or AD-managed access controls over what data can be accessed
-
Automated, scheduled clean-up action helps comply with storage-retention requirements
-
User account information is always stored encrypted
ADDITIONAL EFT MODULES FOR GDPR
Workspaces vs shadow IT
Workspaces for EFT makes it easy for end users to share files of virtually any kind via any web browser, allowing others to access, upload, and download folders and files. Employees can share files in a way that they have become use to, but in a secure way, with enhanced governance and visibility of your data. With Workspaces for EFT you can:
- Empower your end users with secure file sharing between employees and external partners
- Retain full control and visibility of your data
- Integrate with Outlook for person-to-person file transfers
- Securely send files from your browser
- Generate reports on file transfer activity
Content Integrity Control module (CIC)
Due to this architecture, upstream or downstream processes need to exist to determine whether files that are processed through EFT contain personal data, including controls that would allow or disallow processing of that data.
EFT’s optional support for the ICAP protocol allows it to side-channel files that are being received or that are about to be processed, allowing a third-party system to examine and flag those files accordingly (disallowing further processing), or even modifying their content, including replacing personal or other sensitive data with alternate content.
Auditing & Reporting Module (ARM)
Under GDPR Article 30, you have a responsibility to log and report data transfers that include personally identifiable data. ARM provides access to a full range of pre-configured reports, meaning you can evidence which users sent and received which data. Combining this with the additional Insight module will deliver customised reporting, real-time monitoring and track SLAs against your data movement.
High Security Module (HSM)
Gateway
RESOURCES
The following technical top tips and guides are useful resources to support GDPR compliance with EFT Server.
- MFT GDPR compliance and how EFT can help. Read more…
- Encrypting data at rest in EFT. Read more…
- Multifactor authentication in EFT. Read more…
- Data storage: Spring-cleaning your EFT system. Read more…
- EFT auditing and reporting with Insight module. Read more…
- The shadow IT effect: How to secure your business data. Read more…
- Six ways GDPR is doing your business a favour. Read more…
- Pro2col White Paper: GDPR for data transfer and file sharing. Read more…