Bitdefender helps businesses
to become GDPR ready

Bitdefender approach to protecting
Personal Data consists of a four step journey:

Identify what personal
data you store and process

Evaluate what risks your
data is exposed to

Set procedurals and technical controls
to mitigate the risks

Enhance visibility and ability to
detect and respond to incidents

Technology wise, Bitdefender’s layered response help companies to become compliant with the GDPR security requirements
by offering protection against data loss, data theft, including targeted attacks and enhanced visibility on data breaches.

Protection against
Data Loss - Lost/Stolen Devices

  • Full Disk Encryption

Protection against
Data Theft - Targeted Attacks

  • HyperDetect, Sandbox Analyzer,
    Advanced Anti Exploit
  • HVI
  • Application Control Whitelisting

Enhanced Visibility
on Data Breaches

  • Endpoint Security HD Insights
  • Security Analytics planned for xDR

Protection against data loss – lost/stolen device

Key facts:

According to Verizon’s 2016 Data Breach Investigation Report (DBIR), there were 554 million data losses records in the first half of 2016, alone. The same report also revealed that this type of data breach is common for healthcare organizations, making up almost half (45%) of healthcare data breaches with many data losses resulted from lost or stolen devices.



Bitdefender’s response: GravityZone Full-Disk Encryption

GravityZone Full Disk Encryption is leveraging the encryption mechanisms provided by Windows (BitLocker) and Mac (FileVault), taking advantage of the native device encryption, to ensure compatibility and performance. There will be no additional agent to deploy and no key management server to install. The solution provides:

There will be no additional agent to deploy and no key management server to install.

The solution provides:

  • Encryption management from the same cloud or on premise console used for endpoint protection
  • Native encryption for Windows (BitLocker) and Mac (FileVault), avoiding performance issues with no new agent required
  • Simple deployment of Full Disk Encryption to endpoints and management of restore keys from the console
  • Encryption specific reports that help companies demonstrate compliance
  • Pre-boot authentication enforcement

Hyperdetect

  • It offers prevention at pre-execution
  • It leverages machine learning + advanced heuristics
  • It stops sophisticated threats (PowerShell, file-less attacks, shelter attacks, unknown ransomware)
  • It provides maximum detection accuracy without false positives
  • It offers Flexible settings to optimize aggressive protection with low false positives
  • It delivers full visibility into suspicious activities

Sandbox Analyzer

  • It offers automatic submission of suspicious files from endpoints for sandbox analysis
  • It provides Options to blocking or monitoring mode
  • verdict in real-time
  • It provides Insight into behavior of unknown files
  • It assures enterprise-wide protection

Anti-exploit])

  • It protects commonly used Microsoft and third-party applications
  • It focuses on attack tools and techniques
  • It serves as an additional layer of security for unpatched known and zero-day vulnerabilities
  • It works out of the box and designed for precision

Application Control

  • It validates applications that run on the end-point
  • It helps stopping ransomware, advanced targeted attacks or zero day malware

Sandbox Analyzer

Key facts:
According to the same Verizon report, there were 1,616 social attacks in 2016, approximately half (828) of which with confirmed data disclosure. In 95 percent of cases, attackers followed up a successful phish with software installation. That’s to be expected given most social attackers’ motivations and targets. Two-thirds of these actors chase after financial gain, whereas another third is in it for conducting espionage. Both these motivations involve the theft of credentials, personal information, and trade secrets.

Bitdefender’s response

Bitdefender’s layered next-gen endpoint protection platform is designed and built from ground up to protect against elusive, advanced targeted attacks. Several layers of security provide protection both at the pre-execution (Hyperdetect, Sandbox Analyzer), on-execution (Advanced Anti-exploit and Application Control), as well as a breakthrough technology for datacenter specific protection (HVI- Hypervisor Introspection).

Enhanced visibility on data breaches

Key facts:
According to a study carried out in 2017 by Ponemon Institute on the cost of data breaches, the results showed that the average time to identify a data breach is 191 days and the average time to contain the breach is 66 days. In the case of Equifax, the data breach occurred from mid-May to July 2017, was discovered at the end of July and was publicly disclosed in early September.

Bitdefender’s response

Visibility is key to tackle inside threats and data breaches. If discovered early enough, the efforts and related costs required to respond and mitigate internal threats resulted from data breaches could be substantially reduced.

Bitdefender’s layered next-gen endpoint protection platform was built from ground up based on the principle of adaptive security, which means that apart from the prediction, prevention and detection technologies, the security suite also includes dedicated visibility tools such as Endpoint Security HD Insight and Security Analytics for EDR

Endpoint Security HD Insight

  • It allows for remote detonation (Sandbox)
  • It provides better context on threats
  • It connects threats with threat actions
  • It offers enhanced endpoint optics for future analysis and further actions
  • It exposes suspicious threats (HD reports)

EDR Security Analytics

  • Events correlation and analytics automate detection and offer clear visibility into suspicious activity and indicators of compromise
  • High fidelity detection and alert triage enables security resources to focus on real threats
  • Incident visualization, threat investigation instruments and incident response workflows

Synopsis

GDPR has become a reality and soon enough all companies will need to implement the necessary steps to become compliant. The process itself is complex and it involves several steps such as an assessment and gap analysis of the data privacy maturity, a detailed roadmap to address the new legislative requirements, a comprehensive map for security testing, audit and process evaluation and a continuous communication loop for constant compliance and improvement.

However, in the center of all these initiatives, companies will need to invest in technology as the main facilitator to achieve compliance. GDPR is talking about defining the state-of-the-art technology attributes for managing structured and unstructured data with a strong focus on data protection and privacy.

Through its integrated, layered next-gen security solution, Bitdefender is perfectly positioned to help companies becoming compliant by offering a set of technologies that seamlessly respond to the most rigorous GDPR requirements.