Bitdefender helps businesses
to become GDPR ready

Bitdefender approach to protecting
Personal Data consists of a four step journey:

Technology wise, Bitdefender’s layered response help companies to become compliant with the GDPR security requirements
by offering protection against data loss, data theft, including targeted attacks and enhanced visibility on data breaches.

Protection against
Data Loss - Lost/Stolen Devices

  • Full Disk Encryption

Protection against
Data Theft - Targeted Attacks

  • HyperDetect, Sandbox Analyzer,
    Advanced Anti Exploit
  • HVI
  • Application Control Whitelisting

Enhanced Visibility
on Data Breaches

  • Endpoint Security HD Insights
  • Security Analytics planned for xDR

Protection against data loss – lost/stolen device

Key facts:

According to Verizon’s 2016 Data Breach Investigation Report (DBIR), there were 554 million data losses records in the first half of 2016, alone. The same report also revealed that this type of data breach is common for healthcare organizations, making up almost half (45%) of healthcare data breaches with many data losses resulted from lost or stolen devices.



Bitdefender’s response: GravityZone Full-Disk Encryption

GravityZone Full Disk Encryption is leveraging the encryption mechanisms provided by Windows (BitLocker) and Mac (FileVault), taking advantage of the native device encryption, to ensure compatibility and performance. There will be no additional agent to deploy and no key management server to install. The solution provides:

There will be no additional agent to deploy and no key management server to install.

The solution provides:

  • Encryption management from the same cloud or on premise console used for endpoint protection
  • Native encryption for Windows (BitLocker) and Mac (FileVault), avoiding performance issues with no new agent required
  • Simple deployment of Full Disk Encryption to endpoints and management of restore keys from the console
  • Encryption specific reports that help companies demonstrate compliance
  • Pre-boot authentication enforcement

Sandbox Analyzer

Key facts:
According to the same Verizon report, there were 1,616 social attacks in 2016, approximately half (828) of which with confirmed data disclosure. In 95 percent of cases, attackers followed up a successful phish with software installation. That’s to be expected given most social attackers’ motivations and targets. Two-thirds of these actors chase after financial gain, whereas another third is in it for conducting espionage. Both these motivations involve the theft of credentials, personal information, and trade secrets.

Bitdefender’s response

Bitdefender’s layered next-gen endpoint protection platform is designed and built from ground up to protect against elusive, advanced targeted attacks. Several layers of security provide protection both at the pre-execution (Hyperdetect, Sandbox Analyzer), on-execution (Advanced Anti-exploit and Application Control), as well as a breakthrough technology for datacenter specific protection (HVI- Hypervisor Introspection).

Enhanced visibility on data breaches

Key facts:
According to a study carried out in 2017 by Ponemon Institute on the cost of data breaches, the results showed that the average time to identify a data breach is 191 days and the average time to contain the breach is 66 days. In the case of Equifax, the data breach occurred from mid-May to July 2017, was discovered at the end of July and was publicly disclosed in early September.

Bitdefender’s response

Visibility is key to tackle inside threats and data breaches. If discovered early enough, the efforts and related costs required to respond and mitigate internal threats resulted from data breaches could be substantially reduced.

Bitdefender’s layered next-gen endpoint protection platform was built from ground up based on the principle of adaptive security, which means that apart from the prediction, prevention and detection technologies, the security suite also includes dedicated visibility tools such as Endpoint Security HD Insight and Security Analytics for EDR

Synopsis

GDPR has become a reality and soon enough all companies will need to implement the necessary steps to become compliant. The process itself is complex and it involves several steps such as an assessment and gap analysis of the data privacy maturity, a detailed roadmap to address the new legislative requirements, a comprehensive map for security testing, audit and process evaluation and a continuous communication loop for constant compliance and improvement.

However, in the center of all these initiatives, companies will need to invest in technology as the main facilitator to achieve compliance. GDPR is talking about defining the state-of-the-art technology attributes for managing structured and unstructured data with a strong focus on data protection and privacy.

Through its integrated, layered next-gen security solution, Bitdefender is perfectly positioned to help companies becoming compliant by offering a set of technologies that seamlessly respond to the most rigorous GDPR requirements.