使用 GoAnywhere MFT 以符合 GDPR 法規要求
歐盟 GDPR (General Data Protection Regulation) 是有史以來最嚴格的個人資料保護法規, 各國企業如有與歐盟企業往來或使用或保管歐盟國家人們個人資料者, 也須遵守此法規.
GoAnywhere MFT 提供下列功能滿足GDPR要求:
- 資料在傳輸及儲存時加密
- 詳細的稽核報表
- 敏感資料傳輸時使用安全連線
- 集中控制的強度加密金鑰管理
- 集中控制的檔案傳輸管理
- 區分角色的管理者與權限
關於 GDPR 完整內容請下載 歐盟個人資料保護規則(資料來源:財團法人金融聯合徵信中心)
GDPR Required Standards |
Corresponding GoAnywhere Feature |
Requirement: Article 5.1(e), 5.2
Personal data shall be processed in a manner that ensures appropriate security of the personal data.
The controller shall be responsible for, and be able to demonstrate compliance with, the security. |
GoAnywhere has several popular encryption technologies, including AES 256-bit encrypted folders that protect files at rest, ZIP with AES for compressing and encrypting files, OpenPGP compliant encryption that addresses the privacy and integrity of data, and SSH/SSL security for encrypting file transfers.
With GoAnywhere, you remain in control of the security and data at all times. Use detailed reports of file transfer activity, user statistics, and completed jobs to prove compliance with article 5. |
Requirement: Article 7, 8
Individuals must give consent to have their personal data collected and used. Consent must be separable from other written agreements. |
Personalize and send your consent forms through GoAnywhere’s Secure Forms module. Designate a form as public and send users access with a link, then collect consent and receive files (document scans, form signatures, and so on) as encrypted attachments. All submission history, including date stamps and user responses, is logged for auditing and reports. |
Requirement: Article 15, 20
EU citizens may request a copy of data and request to transfer personal data from company to company upon request. |
Use GoAnywhere’s Secure Forms module to create a data request form. When a user requests a copy of their data, GoAnywhere can encrypt and send the requested information through GoAnywhere’s password-protected Secure Mail.
This entire process can be completely automated with project workflows, and Secure Mail can be sent from within GoAnywhere’s browser interface or via Microsoft Outlook. |
Requirement: Article 25
Organizations must be able to provide a reasonable level of data protection and privacy. |
GoAnywhere MFT provides data protection and privacy through user roles, allowing the admin to limit who can view or process information. It also provides encryption for data in transit and at rest. |
Requirement: Article 30
Records of processing activities must be maintained, including the type of data processed and the purposes for which it’s used. |
GoAnywhere allows you to store and track detailed audit information. It generates comprehensive audit logs of all file transfer and administrator activity, which you can schedule on a regular basis, then search and view through browser-based administration or a PDF report. |
Requirement: Article 32
Controller and processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. |
Many GoAnywhere features ensure a stringent level of security for personal data, both in transit and at rest. Use GoAnywhere’s encryption technologies, encryption key management, and admin user roles to implement a solid security strategy for your business. |
Requirement: Article 39.1(b), 39.2
A Data Protection Officer shall be able to monitor compliance with the GDPR regulation (assigning responsibilities, related audits). |
GoAnywhere’s Admin Roles allow you to assign GoAnywhere functions to authorized users. Admin User Roles contain Auditor and Security Officer roles immediately, giving you the ability to assign a Data Protection Officer access to whatever they need for monitoring purposes.
GoAnywhere MFT is also managed from a single, central location, giving you control over everything without needing multiple logins, products, or unrelated add-ons. |
請下載完整資料: Meeting GDPR Requirements with GoAnywhere MFT
相關資料
玉山科技 版權所有 © Copyright AsiaPeak 2006, All Rights Reserved
|