GDPR and Data Protection compliance

GDPR and IT Compliance

Our experts will:

Assess & Monitor your IT Risk

Secure your IT & Data Estate

Consolidate your IT & Data assets

Manage & support your IT against risk

Keep your IT Compliant

BCN Group can help you with GDPR, The Data Protection Bill and IT Compliance, providing step-by-step reviews of your existing systems and practices, recommendations for future approaches, and an integrated set of proven tools for gaining and maintaining control over all relevant data throughout your organisation.

The EU’s General Data Protection Regulation (GDPR) comes into effect in May 2018. To avoid potential fines of tens of millions of Euros, companies must move quickly to understand the legislation and put appropriate measures in place.

What is happening?

The clock is already ticking and businesses must act quickly to overhaul their governance of personal data on EU citizens. The new legislation defines personal data as any information relating to an identified or identifiable natural person – this means that organisations must carefully review and classify all of the data they hold. Among the provisions in the GDPR are:

  • Right of Access

    The right for citizens to access, correct, transfer or delete their personal information held within any company’s systems.

  • Consent

    The need for citizens to give explicit consent for their data to be held, and for companies to store this consent.

  • Notification

    The requirement for companies to notify data authorities and consumers within 72 hours of any breach in security around their data.    

  • Penalties

    The enforcement of fines of up to 4 percent of global annual turnover (or €20 million, whichever is higher) for serious violations.

How ready are you for GDPR? Take our Readiness test

Start the BCN GDPR Readiness Test

Enter your email address
Have you started the process to create a GDPR policy?
On a scale of 0 – 5 (1 low, 5 done), how close is your organisation to agreeing its GDPR policy?
Do you know all the apps your customer data resides in?
Can you secure or control all the apps where your customer data resides?
Has your organisation analysed the structured & unstructured personal customer data to establish where this data sits and how it can be accessed?
How advanced is your organisation’s Data Vulnerability blueprint?
Have advanced is your organisation’s Mobile Device security policy?
How confident are you that your organisation can meet Right to be Forgotten Requests?
How robust is your organisation’s process for notifying the ICO of data breaches?
How close do you now feel your organisation is being GDPR compliant?

How we help

Our focus is to help you reliably discover, classify, protect and govern data over time, regardless of where or how it is stored across your local or cloud infrastructure. Our approach is built on automation, integration and continuous monitoring, so compliance can be accomplished smoothly, rapidly, auditably and without the need to employ armies of administrators.

Secure the environment

Continuous monitoring and prevention of threats, both from targeted external attacks and accidental or deliberate internal breaches. We help you maintain your security posture and prevent escalation.

Protect data assets

Automatically discover, classify and protect both structured and unstructured data across all systems. We help you create best-practice approaches to implementing encryption, data masking and data redaction.

Secure endpoints

Support your increasingly mobile workforce, blending user convenience with secure access controls. We help you ensure protection for corporate data on BYOD devices, detecting threats and automating compliance.

We help you design and deploy a highly automated compliance solution to discover, classify, protect and govern personal data. Our proven deployment methodologies and enterprise-class support services provide high-quality security frameworks that can keep pace with evolving legislation.

Our services

We provide four key services to help you maintain a secure data environment and stay ahead of any legislation. These services can be summarised as:

Data Assessment

Identify the personal and sensitive data you hold.
Determine the structure of your customer, personal and staff data.
Locate where all your data resides.

Vulnerability Assessment

Identify the gaps in your security infrastructure.
Define how robust your current security policy is.
Identify what improvements can be made.

Breach Management

Manage risk by utilising tools to minimise the likelihood of breach.
How to best report a security issue.
Tools and processes to prevent repeat occurrence.

Ongoing Support

Continuous monitoring of your IT infrastructure.
Pro-active and on-call security experts.
Manage your policies and processes.

Best-practice solutions

After defining your organisation’s personal data, we run a full discovery exercise to find all such data across all systems. This will potentially include:

  • production, test and development databases
  • corporate documents stored on SharePoint, corporate fileservers, departmental NAS drives, user desktops or in the cloud
  • emails, instant messages and wikis
  • expired or dormant data in archives and backups

BCN Group offers software tools that enable you to discover, analyse and classify data in a highly automated way, and establish clear data lineages. We help you identify paths to and from the data, both inside and outside of the organisation, to review all security measures around data and run detailed risk assessments.

Our software solutions also enable you to:

  • monitor and audit data access and permission changes
  • create automated alerts when rules are breached
  • increase security through machine learning and user behaviour analytics
  • establish and manage data retention and destruction policies
  • lock down both sensitive and obsolete data
  • mask and anonymise data
  • establish intelligent internal and external network defences, incident-response policies and security restrictions

“They have always absolutely delivered what we’ve asked for – they do what they promise”

Joe Davies Ltd

GDPR and beyond

With software solutions and consultancy services from BCN Group, you can more easily understand, protect and govern all personal data, reliably record proof of consent to store and process that data, move quickly to correct, migrate or erase the data at the customer’s request, and automatically notify the relevant parties in the event of a breach.

The benefits of working with BCN Group for GDPR go beyond security, risk management and compliance: by finding the data that really matters and deleting redundant, obsolete and trivial data, you can save significant amounts on storage and backup costs. BCN Group can also help you to rationalise your IT infrastructure and database architecture, simplifying future compliance efforts, improving operational performance and reducing costs.

Take the next step

To find out how BCN Group can help you achieve GDPR compliance faster and more effectively, please contact us for an informal assessment. We’ll review your existing approaches to data protection and security, and provide a clear checklist of recommended next actions, helping you get started quickly.