Cybersecurity Compliance. The Basics You Need To Know!
We get a lot of questions about cybersecurity compliance. It can be daunting, but here is some basic information you need to know:
GDPR (General Data Protection Regulation)
GDPR is the European Union standard for protecting personal information. If you are doing business in the European Union, you’ll want to make sure you are following its extensive guidelines or face stiff fines and penalties. (Up to $10 million or 2 percent of annual revenue, whichever is greater, as the lower-level penalty.)
The purpose of the GDPR is to:
– support privacy as a fundamental human right,
– require companies that handle personal data to be accountable for managing the data appropriately,
– give individuals rights about how their personal data is used.
GDPR Rights
The GDPR gives the following rights to individuals:
– Right of access to their information and how it is being used.
– Right of rectification to remove or correct their information at any time.
– Right to be forgotten by deleting personal data.
– Right to restrict processing and limit the use of their data.
– Right of portability to get their data in a structured, commonly used and machine-readable format.
– Right to object or opt out of targeted marketing or direct marketing emails at any time.
The rights are not absolute and exceptions may apply.
Personal Data
If information can be traced back to an identifiable person, it is highly likely to be considered personal data. This includes digital life, geolocation, physical, mental, social, economic or cultural identities, plus the usual name, address, email addresses and other financial information.
NIST Section 171
NIST Section 171 is the data security compliance standard for manufacturers who are working on Department of Defense (DOD) contracts. It applies to contractors and subcontractors.
Tech Guardian specializes in manufacturing and can help companies navigate NIST Section 171 compliance.
State of California – “Reasonable Security”
The State of California requires “reasonable security” for any business that has personally identifiable information (PII) stored in any database. This includes customers, clients, vendors and especially employees.
If your business is hacked and people’s PII is exposed, and you did not have “reasonable security” in place, you will be penalized by the State. If you are hacked or attacked, the fines can be enough to kill your business.
“Reasonable security” is defined by and based upon the CIS 20 Controls. Tech Guardian can help protect your data and meet any State or security compliance requirements.
Education is the key to defeating cybercriminals. Check out our cybersecurity site and please download our FREE resources.
Tech Guardian is offering a FREE Cybersecurity Risk Assessment ($1,499 value). Plus, if you meet with us in June we will give your employees FREE Cybersecurity Training and Certification.
Tech Guardian is in the top 501 Managed Service Providers worldwide and specializes in cybersecurity protection featuring best-in-class unified threat management tools, industry best practices and procedures, plus superior documentation.
For more information, call us at 951-319-4089 or visit us online at: www.jr-tech.com/cybersecurity