At a time when GDPR has become a major focus for companies, Pradeo aims at providing readability by highlighting personal data manipulated through the mobile framework and drawing a clear path towards GDPR-compliance. For its fourth participation to the RSA Conference, Pradeo announces the launch of a GDPR toolset as part of its PRADEO SECURITY solution.
Today’s digitalized society naturally diverts data consumption to mobile devices and turned applications into a key stone of this new paradigm. On the eve of the application of the General Data Protection Regulation (GDPR), companies’ mobile framework constitutes an essential phase toward compliance and exposes companies to massive fines in case of failure.
The GDPR will be enforced on May 25, 2018 and will affect any organization manipulating European residents’ personal data. To achieve compliance, organizations are due to go through their internal processes in order to identify every single personal data manipulated, ensure privacy and security by default and by design and ultimately be ready in case of a breach.
In the midst of the above, organizations may legitimately feel overwhelmed on how to map personal data they are manipulating and which commensurate security measures they should implement.
“The challenge lies in two areas of the mobile chain to be cautiously assessed and secured. The first one affects applications companies are releasing for their customers, partners or employees. Mobile devices represent the second area. By recording contacts, files, accessing the information system,… mobile workers continually process personal data from their device and expose those to their environment: applications, network connections, ...” said Caroline Borriello, Pradeo’s Chief Operating Officer.
As GDPR expects from companies privacy by default, the first step toward compliance consists in assessing the legitimacy behind personal data processing. Here, both areas circle back to the need to test applications security levels and point out known and, a fortiori, unknown personal data manipulations.
Relying on PRADEO SECURITY detection capability, Pradeo released a new security feature on its platform providing readability of applications against personal data manipulation, by flagging behaviors endangering GDPR compliance. By assessing the legitimacy behind personal data processing, this feature is a first step toward privacy by default and constitutes the necessary basis to determine appropriate security measures to be implemented.
As part of its initiative, Pradeo also released an online diagnostic test taking organizations through a 2-minute audit ending up on a custom action plan targeting structuring steps towards a GDPR compliant enterprise mobility.