Absolute debuts GDPR data risk assessment

Absolute announced new GDPR Data Risk and Endpoint Readiness Assessments to accelerate compliance with the impending General Data Protection Regulation (GDPR).

These comprehensive assessments empower organizations to accelerate GDPR compliance programs by pinpointing vulnerable endpoints and at-risk data — on and off the corporate network.

Absolute’s new assessments offer deep insights and actionable recommendations to better protect and manage endpoints, where sensitive data might be accessed, stored or shared.

Increasingly sophisticated security incidents and escalating regulatory demands are placing unprecedented pressure on IT security to maintain constant visibility and control over data and endpoints. Dark endpoints and the sensitive data residing on them present significant dangers, especially as the enforcement of GDPR looms.

With more and more regulations on the horizon, it is essential that organizations be able to identify, monitor and remediate all endpoints, even those outside of the network. Absolute’s robust readiness assessment is an important first step to jump-start GDPR corporate compliance, especially when ensuring endpoint visibility and device usage across on-premises, cloud and mobile networks. The assessments leverage the power of Absolute’s platform and embedded Persistence technology to provide a complete understanding of the status of every endpoint, including those that have gone dark.

“Enterprises struggle under immense security and regulatory pressures as a result of today’s global digital environments,” said Chris Covell, CIO at Absolute. “With Absolute’s GDPR Data Risk and Endpoint Readiness Assessments, we provide companies with a universal place to begin their compliance journey by quickly identifying areas of concern, and more importantly, actionable ways to address them. By leveraging the powerful Absolute platform for assessment, organizations will gain unprecedented visibility into the complex web of their endpoints and data residing on them, in order to swiftly take action and promptly meet compliance requirements such as GDPR.”

Absolute’s GDPR Data Risk and Endpoint Readiness Assessments provide organizations with a list of recommended actions that can be immediately put in place to protect endpoint devices, infrastructure and data as a first step toward GDPR compliance.

The assessments provide details on areas such as:

• Whether sensitive data is stored on endpoint devices and the location of that data
• Evaluations of the controls in place on company assets
• Assessment of devices running required software to minimize vulnerabilities or malware
• Appraisals of the level of encryption on endpoint devices
• Review of the incident or data breach response procedures currently in place.

Absolute’s Data Risk and Endpoint Readiness Assessments help organizations better understand their current situation and comply with three key areas within the proposed GDPR framework, including Article 32 (security of processing), Articles 33 and 34 (notification of breach to authorities and data subject), and Article 35 (data protection impact assessment). The evaluation of an organization’s status of their endpoint security follows industry best practices as defined by ISO 27002, NIST 800-53 rev. 4, NIST CSF and CIS Critical Security Controls, among others.