Meeting Security Compliance Requirement Standards with Spirion
Regulators around the world are continuously refining and enhancing existing data security compliance requirements, implementing new legal frameworks and defining new data security regulations to address increasing internal and external security threats. As requirements for data protection compliance strengthens, most and Data Governance solutions were designed to patch holes in compliance requirements becoming increasingly expensive and difficult to support.
The Spirion Data Platform provides an extensible solution that supports audit and compliance teams in their efforts across enterprises, cloud and network environments. The result is a simple, effective solution that helps meet regulatory compliance requirements with low total cost of ownership (TCO). Spirion’s open APIs allow integrations with your existing DLP tools, encryption software, data-archiving and storage solutions offered by leading technology providers such as Symantec, Intel Security and others to help increase the benefits from existing spend on these data security solutions
GDPR requires owners and processors of EU personal data to protect all personal data collected for, or about, citizens of the EU, in particular as it relates to processing, using, or exchanging data. Personal data means any information relating to an identified or identifiable person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, including but not limited to GPS/geolocation, IP addresses, static and dynamic, MAC addresses, Cookies, International Mobile Equipment IDs (IMEI), International Mobile Subscriber Identity (IMSI) , Unique mobile device identifiers (UDID), Advertising IDs and Log files. Spirion plays a fundamental role in helping organizations discover, classify and monitor any data fileSpirion provides a solution to help organizations discover, classify and monitor any data file-so they can respond in order to meet EU GDPR compliance requirements transparently – without changes to operational processes and the daily work of information security professionals.
Spirion helps enterprises comply with PCI DSS 3.0 compliance requirements 3 and 4 that call for the privacy protection of cardholder information. Spirion secures cardholder data in databases, fileshares, sharepoints, endpoints and all file types including structured and unstructured data or patternistic and non-patternistic data.
Electronic Patient Health Information (ePHI) needs to be secured to maintain compliance with HIPAA HITECH. Whether unstructured medical imagery or structured database information containing ePHI, Spirion secures and controls access to ePHI.
US states have data breach notification laws modelled on California SB 1386 that provides a safe harbor in the event of a security breach where the underlying data is encrypted. Spirion’s data discovery and classification solution helps support policies that provide a safe harbor and helps organizations avoid the cost and brand damage that comes with security breach.
Nations around the world are instituting data protection and privacy laws which mandate safe guarding citizen personal information including UK Data Protection Act and the EU Data Protection Directive. The Spirion Data Platform secures personal information, be it structured (in databases) or unstructured.
The Spirion Data Platform provides data discovery, data classification, protection, data security controls and reporting so enterprises can demonstrate effective control over sensitive information
NCUA Regulatory Compliance
The National Credit Union Administration regulates and audits credit unions in the U.S. These audits include data security. Spirion helps credit unions comply with federal mandates and standards for data access rights administration, encryption and key management and security intelligence.