Eric Avigdor, DIrector of Product Management at Gemalto
Two critical European regulations are rolling out in 2017 and 2018. The General Data Protection Regulation (GDPR) is designed to strengthen the safeguards around personal data and create a more uniform standard within the European Union (EU), while eIDAS is the European Regulation aimed at creating a framework for cross-border electronic identification and transactions across EU member countries.
Paperless vs. Privacy is a real issue facing business in the EU, and around the world. Both eIDAS and GDPR have global ramifications and affect a broad group of industries. Complying with both of these regulations can be a real hardship for some small to mid-size companies.
Please join us for our BrighTalk webinar where our resident Public Key Infrastructure expert, Eric Avigdor, will help you tread the waters of eIDAS vs. GDPR. Which one is most important for your business? What are the consequences of non-compliance? We will also discuss how to comply with multi-factor authentication, physical access, and encryption requirements.
Join us for a new webinar in our series focused on helping companies prepare for the upcoming global government regulations, like European General Data Protection Regulation (GDPR). Data sovereignty, especially for cloud-first companies, is becoming an important part of any security strategy as these data breach regulations go into effect next year. Being able to demonstrate best efforts to protect the privacy of an individual’s data will be a requirement and non-compliance will have hefty monetary ramifications.
This webinar will walk attendees through what Gemalto has already done and is doing to prepare for data privacy regulations from product management to sales operations and more. Our Director of Global Data Privacy, Jean-Pierre Mistral, will share how and what we have done, takeaways and timelines and Alex Hanway, Product Marketing, will cover the different technologies companies can use to mitigate the risk of non-compliance and what this means for business operations globally.
Join us to hear more about:
•What is GDPR?
•Case Study: A look at how Gemalto has prepared for GDPR
•The implications for local businesses and technologies that can help mitigate risk around complying with data privacy regulations
The deadline to comply with Payment Card Industry Data Security Standard (PCI DSS) 3.2 is quickly approaching, leaving many businesses scrambling to understand and meet compliance requirements. Join us for an hour and learn more about the mandate and how you can prepare and be ready by February 2018.
This webinar will discuss and provide helpful information on the upcoming mandate including:
•Overview of PCI DSS 3.2
•What is new in PCI DSS 3.2 and what that means for your business
•Comprehensive solutions that will help you ensure compliance
•Mapping solutions to the needs of your department
Please visit our BrightTalk channel to register for the webinar.
The cloud provides organizations with elasticity and speed and by 2018 60% of an enterprises’ workloads will run in the cloud says 451 Research. The amount of business operations running in the cloud means organizations have more cloud computing service providers, with a typical enterprise having roughly six. This requires companies to develop and implement a multi-cloud strategy, especially when it comes to security. But each CSP has its own security offerings and integrations sometimes making the process confusing and complex. Even prior to the cloud, encryption and key management have presented challenges for many organizations, but with encryption becoming ubiquitous – a strong key management strategy is key. This is especially important with industry mandates and government regulations like European General Data Protection Regulation (GDPR) and U.S state data breach disclosure laws.
In this joint webinar with 451 Research, we will cover topics including:
-Building a multi-cloud security strategy for encryption and key management
-Best practices, benefits and pitfalls of managing your own security
-Impact of regulations on data protection in the next few years
-Understanding the different CSP requirements for key management:
oCustomer-Supplied Encryption Key (CSEK)
oBring Your Own Key (BYOK)
oHold Your own Key (HYOK)
oGeneral cloud service provider key management services overview
With the deadline for DFARS (Defense Federal Acquisition Regulation Supplement) quickly approaching, many business are scrambling to meeting compliance requirements. An important part of DFARS addresses the need for strong, two-factor authentication, as well as physical access controls to organizational information systems, equipment, and the respective operating environments to authorized individuals.
Are you prepared? If you’re like many other government contractors and subcontractors, a little advice may be needed to navigate the waters of physical and user access controls.
Gemalto’s Identity and Protection expert, Eric Avigdor, will be present and informative look at DFARS and what options are available to ensure compliance. What Eric will discuss:
•Overview of DFARS mandate
•Use cases – our experience from the field
•Comprehensive solutions that meet the multi-factor authentication and physical access controls required by the DFARS mandate
•Mapping solutions to the needs of your department
Blockchain technology is popping up everywhere from the currency market to smart contracts. The growth in the technology is evident from the investments being made, for example, PwC estimated that in the last nine last nine months of 2016, $1.4 billion had been invested globally in blockchain startups. This stems from its potential to enable efficiencies and cost-saving opportunities based on moving to a decentralized approach and away from the current centralized systems. With all the hype around blockchain, companies need to cut through the hype and ask the question - when does blockchain actually make business sense?
Blockchain is not a silver bullet and cannot solve every problem. There is also the added complexity of managing the security of many distributed nodes can only be justified by gaining business benefits from using blockchain. In this webinar, we will look at a business qualifying approach to blockchain to help you evaluate valid blockchain use cases and identify the security needs surrounding blockchain operations. Join us to learn more on:
•Securing blockchain from the edge to the core
•The operational benefits and pitfalls of blockchain technology
•Our 4 step qualification process for blockchain business opportunities:
1.Is there an established business process?
2.Are there more 3 parties involved – i.e. is it a distributed problem?
3.Is it important that the data being exchanged is trusted and considered to be factually accurate?
4.Would automation improve the performance of the process?
The explosion of cloud-based applications in the enterprise is making IT and security professionals rethink their cloud identity management strategy. By default, every cloud user creates an average of 17 cloud identities. But catering to 17 different user stores per employee or partner is simply not scalable from an administration perspective. And as if IT’s time is not precious enough, password resets account for 20% of helpdesk tickets. This adds to the compliance and security risks associated with cloud-based applications, which by default require only weak static passwords and offer no central point of management across disparate cloud-based services.
Join Stephen Allen, Gemalto Product Manager for Authentication and Access Management, and learn how deploying an Identity Provider enables:
•Cloud Single Sign-On for easy access to cloud apps
•Regulatory compliance with standards such as PCI DSS
•Reduced identity lifecycle overheads
•Centralized management of cloud access policies
•Increased security with step-up authentication
The India's Unique Identification numbers (UIDs), also named "Aadhaar numbers" contain Personally Identifiable Information (PII), the Unique Identification Authority of India (UIDAI) has mandated that the private cryptographic keys used to digitally sign and authenticate the UIDs must be stored in a Hardware Security Module (HSM).
In addition to HSMs, the UIDAI has also mandated the use of tokenization – replacing sensitive data with a token that can be securely stored, processed and transmitted as of August 2017.
Join this live webinar to know more about how to easily conform to the mandate:
•What is UIDAI's requirements?
•Why HSM and tokenization?
•How to ensure Aadhaar numbers are protected?
•What makes Gemalto's SafeNet Luna HSM and KeySecure unique?
•How to meet UIDAI's compliance mandates?
The introduction of GDPR is set to bring data protection to the top of businesses’ priority lists. So how can businesses ensure they are compliant and what steps do they need to take?
In this webinar, certified DPO Jan Smets with provide a six-step overview to help achieve compliance:
1) Understand the GDPR legal framework
2) Create a Data Register
3) Classify your data
4) Start with your top priority
5) Assess and document additional risks and processes
6) Revise and repeat
Law enforcement and defense organizations need secure access to sensitive data, and to provide services and to collaborate with others, while protecting the public, and any confidential information. Faced with these challenges, meeting compliance regulations such as Criminal Justice Information Services Security Policy (CJIS-SP) , is a priority for most organizations, especially as audits draw near.
Did you know that the Criminal Justice Information Services Security Policy (CJIS-SP) requires that data be encrypted when it is transmitted outside a secure facility, even within the same agency
“When CJI is transmitted outside the boundary of the physically secure location, the data shall be immediately protected via cryptographic mechanisms (encryption)”
Join us for an informative webinar where you will learn how to secure your data in transit as it moves across your internal and external network, to help ensure compliance with the FBI mandate.
•Overview of CJIS-SP mandate
Network vulnerabilities and how Ethernet encryption can help secure data in motion
•Use cases – hear how various agencies have successfully deployed network encryption to secure their data and meet audit requirements
•Mapping solutions to the needs of your organization
For more information on dealing with multi-factor authentication in the CJIS audit, check our part one in the series: https://www.brighttalk.com/webcast/2037/258091