Arrow_Dropdownic_001_google+_16ic_002_xing_16Group 2ic_003_facebook_16ic_004_linkedIn_16Groupic_005_message_16ic_006_upload_16ic_007_remove_16ic_008_email_16ic_009_attachment_16ic_010_file_16ic_011_name_16ic_012_arrow_left_16ic_013_arrow_right_16ic_014_arrow_down_16ic_015_arrow_up_16ic_016_dropdown_arrow_down_16ic_016_dropdown_arrow_leftic_016_dropdown_arrow_rightic_017_K&C_dropdown_arrow_up_16ic_018_language_16ic_019_Quote_16ic_020_+_16ic_021_=_16ic_022_phone_16ic_023_twitter_16ic_024_position_16ic_025_company_16ic_026_search_16ic_027_mobile_16ic_028_fax_16ic_029_location_16ic_030_enlarge_16ic_031_downscale_16ic_032_contactic_download_normal_16pxic_033_skype_16ic_006_download_16 copySearchGroup 26Rss_font_awesomeK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxK&C_Icons_32pxic_agile_128ic_business_128ic_agile_white_128ic_banknote_smile_128ic_business_128ic_business_128ic_checkmark_128ic_client_team_manager_128ic_code_file_128ic_code_files_128ic_corporate_cloud_platforms_128ic_crossplatform_apps_128ic_dedicated_team_128ic_developer_128ic_development_team_128ic_enterprise_128ic_faster_timeframe_128ic_fixed_price_128ic_graph_down_128ic_graph_down_128ic_hourly_128ic_hourly_white_128ic_information_finder_128ic_junior_developer_128ic_managed_team_128ic_message_128ic_mobile_app_startups_128ic_mobile_development_128ic_mobile_development_up_128ic_mobile_devices_128ic_multiplatform_128ic_multiplatform_white_128ic_pricetag_128ic_project_checklist_128ic_project_management_128ic_project_management_team_128ic_research_and_development_team_128ic_scalable_team_128ic_senior_developer_128ic_smaller_codebase_128ic_smaller_price_128ic_startup_128ic_team_manager_128ic_three_times_faster_128Consul_VerticalLogo_FullColorPacker_VerticalLogo_FullColorTerraform_VerticalLogo_FullColorVault_VerticalLogo_FullColorethereum_black_64ic_Interest_based_64ic_acrivate_card_64ic_api_client_64ic_application_architecture_64ic_application_architecture_ white_64ic_application_development_user_64ic_application_development_user_64ic_arrow_down_64ic_automated_backups_64ic_automated_infrastructure_provisioning_64ic_automated_infrastructure_provisioning_white_64ic_automated_storage_64ic_automated_storage_64ic_automation_64ic_microservice_architecture_64ic_avaliability_across_the_world_64ic_avaliability_across_the_world_white_64ic_blockchain_64ic_blockchain_white_64ic_brackets_64ic_brackets_64ic_build_64ic_build_64ic_build_64ic_business_64ic_business_partnership_64ic_business_partnership_white_64ic_business_64ic_calculator_64ic_calendar_64ic_calendar_64ic_car_rent_64ic_card_renewal_64ic_chat_64ic_chat_bubbles_64ic_chat_bubbles_64ic_chat_white_64ic_checklist_64ic_checkmark_64ic_blockchain_64ic_smart_development_64ic_blockchain_consulting_64ic_checkmark_white_64ic_clock_64ic_clock_white_64ic_cloud_media_64ic_cloud_solutionsic_cloud_solutions_whiteic_cluster_64ic_cluster_white_64ic_code_base_optimization_64ic_coding_64ic_coding_white_64ic_commenting_widget_64ic_commenting_widget_64ic_containers_64ic_containers_white_64ic_continious_64ic_continious_delivery_64ic_continious_delivery_white_64ic_continious_release_64ic_continious_release_white_64ic_continious_white_64ic_cost_saving_64ic_cost_saving_white_64ic_cpu_load_64ic_credit_card_64ic_crossplatform_app_development_64ic_crossplatform_app_development_white_64ic_custom_crm_64ic_custom_crm_64ic_independence_consulring_64ic_database_calls_64ic_database_calls_white_64ic_dedicated_teams_64ic_dedicated_teams_64ic_desktop_application_user_64ic_desktop_application_user_64ic_desktop_code_64ic_desktop_code_white_64ic_developer_64ic_developer_white_64ic_development_64ic_devops_64ic_devops_64ic_documents_64ic_documents_graph_64ic_documents_graph_white_64ic_documents_white_64ic_download_presentation_64ic_education_64ic_email_open_64ic_email_open_white_64ic_environment_healthcheckethereum_white_64ic_euro_64ic_euro_white_64ic_failure_solved_64ic_gdpr_64ic_globe_outlines_64ic_good_quality_64ic_high_load_websites_64ic_high_load_websites_white_64ic_hotel_booking_64ic_inability_64ic_inability_white_64ic_increase_64ic_increase_white_64ic_increasing_team_64ic_independence_64ic_integration_64ic_it_outsourcing_64ic_it_outsourcing_64ic_knowledge_sharing_64ic_mobile_devices_64ic_laptop_user_64ic_laptop_user_white_64ic_launch_64ic_launch_white_64ic_learning_64ic_learning_two_white_64ic_lighthouse_64ic_link_64ic_load_balancer_64ic_load_balancer_64ic_load_card_64ic_lock_64ic_lock_white_64ic_low_cost_64ic_low_load_websites_64ic_maintenance_tools_64ic_maintenance_tools_white_64ic_media_player_64ic_media_player_white_64ic_messaging_platforms_64ic_microservice_architecture_64ic_microservices_64ic_microservices_64ic_mobile_app_64ic_mobile_app_64ic_mobile_content_64ic_mobile_development_64ic_mobile_development_white_64ic_mobile_devices_64ic_mobile_devices_white_64ic_mobile_payments_64ic_mobile_social_media_applications_64ic_mobile_workflows_64ic_money_transfers_64ic_multimedia_sharing_64ic_multimedia_sharing_white_64ic_my_garage_64ic_no_access_64ic_no_access_white_64ic_no_oldschool_64ic_online_marketplaces_64ic_online_marketplaces_white_64ic_online_trading_64ic_online_trading_64ic_pair_device_64ic_parallels_64ic_parallels_white_64ic_passcode_64ic_payment_systems_64ic_performance_64ic_performance_issues_64ic_performance_issues_white_64ic_performance_white_64ic_plane_64ic_plane_white_64ic_plus_64ic_plus_64ic_pricetags_64ic_pricetags_64ic_product_64ic_product_search_64ic_product_white_64ic_productivity_tools_64ic_productivity_tools_64ic_project_delivery_64ic_project_delivery_white_64ic_project_management_64ic_project_management_collaboration_64ic_project_management_team_64ic_project_management_team_white_64ic_project_risks_reduced_64ic_quality_mark_64ic_quality_mark_64ic_quality_mark_white_64ic_question_64ic_react_native_64ic_response_time_64ic_response_time_white_64ic_rest_api_64ic_retail_64ic_transparency_consulting_64ic_scale_up_64ic_scale_up_white_64ic_security_64ic_security_64ic_self_healing_64ic_self_healing_64 copyic_send_money_64ic_server_64ic_server_white_64ic_shopping_64ic_shopping_white_64ic_sleep_mode_64ic_small_is_beautiful_64ic_smaller_price_64ic_social_benefits_64ic_social_connections_64ic_socket_64Group 20ic_spare_parts_for_cars_64ic_spare_parts_for_cars_white_64ic_speedometer_64ic_performance_consulting_64ic_speedometer_white_64ic_startup_64ic_startup_white _64ic_target_64ic_team_64ic_testing_64ic_testing_checklist_64ic_testing_checklist_white_64ic_testing_white_64ic_three_times_faster_64ic_touch_64ic_touch_id_64ic_touch_white_64ic_transparency_64ic_ui_design_desktop_64ic_ui_design_mobile_64ic_ui_design_mobile_white_64ic_umbrella_64ic_umbrella_64ic_umbrella_white_64ic_up_and_down_scaling_64ic_up_and_down_scaling_64ic_users_64ic_users_white_64ic_ux_design_64ic_ux_design_desktop_64ic_ux_design_64ic_ux_design_white_64ic_vehicle_64ic_web_based_search_64ic_web_based_search_white_64ic_web_browser_code_64ic_web_browser_developer_mode_64ic_web_browser_user_64ic_web_development_64ic_web_development_white_64ic_web_portals_64ic_web_portals_64ic_web_user_64ic_web_user_white64ic_workflow_64ic_workflow_steps_64ic_workflow_steps_white_64ic_workflow_white_64ic_working_environment_64solidity_blackGroup 19

GDPR: Smart Practices

On 25th May 2018, in Europe, the updated rules for the processing of personal data, established by the General Data Protection Regulations, come into force.


All companies that process (both inside and outside the EU) the sensitive data of citizens of European countries are required to comply with the requirements of this document. The scope of the new GDPR rules applies to all 28 EU countries. This document will replace the existing laws on the protection of personal data in European countries.


K&C would like to help you adopt the best security measures to comply with the GDPR.

What is GDPR?

The new rules were developed in response to a dramatic increase in cyber attacks and are aimed at combating such attacks through the cooperation of state and commercial enterprises and organizations.

Main Points of GDPR

First of all, the regulation can now apply to companies outside the EU. The rules should be followed by any company that processes sensitive data to offer goods or services (including free ones) to the EU or that monitor the behavior of citizens in the EU.


Monitoring includes:

-tracking the EU resident on the Internet;

-the use of data processing techniques for the profiling of individuals, their behavior, or their relation to anything.


The "offer of goods and services" in a particular EU country is when the company uses the language or currency that is common in that country.


Secondly, the rules account for the need to obtain user consent for the processing of their sensitive data. At the same time, data processing for different purposes will require separate permissions. It must be free, conscious, and concrete and may be withdrawn at any time.


Thirdly, companies will need to keep records of transactions with personal data (the type of data and the purposes it is processed for), as well as conducting internal audits. All companies will have to create internal documents regarding measures to be taken in case the procedure for the handling of sensitive data is violated.


Fourth, companies should notify the regulatory authorities about any violations related to someone’s data within 72 hours and maintain an internal registry of breaches.

What Has to Be Standardized

European lawyers note that companies that handle sensitive data will need to conduct a large number of changes to ensure that their activities comply with the new rules:

-develop new internal documents,

-perform an internal audit,

-verify existing agreements with users,

-conduct training for personnel

-appoint responsible persons in the company

Do You Really Need It

Yes, you do. Recall how attackers stole Uber’s considerable database with names, phone numbers and e-mail addresses of Uber customers. Although Uber paid the thieves $100,000 to destroy the data, no one guarantees that the information has been deleted and not sold to anyone else.


Meanwhile, if GDPR were in effect, Uber would be subjected to a hefty fine. If to be precise, up to EUR 20 million or 4% of annual turnover.


Other consequences are

-economic sanctions

-reputational damage

-loss of customers

-limits imposed on your operations

-customer complaints and demands for compensation


When the GDPR comes into effect, we should be ready for serious changes. We may see a rapid increase in the number of incidents of data theft in the European Union. Such incidents have already occurred. The difference is that now we will know about them.

Information Security

From the above, it follows that the problems of information security are becoming even more urgent.


Software and security updates should be a priority for all companies. Such cases as WannaCry or Equifax confirm this. Every day that passes without updating an affected system puts the entire company at risk, as well as the integrity of its data, including information about its customers.

The Best Practices

We can follow these practices to achieve better results.


-Analyse everyday processes


To help meet GDPR effectively, companies should be measuring how the company is performing now versus its potential. This will help to clarify the areas of improvement. Auditing the current, as well as new, processes and staffing, will give a deeper understanding of those areas that have to be improved or changed at all.


-Be ready for breaches


Being kept up-to-date on any risk which threatens your business gives you an opportunity to take necessary pre-emptive actions. Yet, it’s hardly achievable through native auditing as far as the process is mainly manual and takes a lot of time. So, we advise you to implement an automated auditing solution into your IT environment (for further information, reach out to the K&C team).


-Introduce the newest technologies to bridge gaps


To achieve the best results regarding data security, auditing, and privacy needs, resort only to the latest technologies, which can meet GDPR requirements. Appropriate technological safety measures, thorough gap analysis, and process landscape will help detect weak spots.


Make sure to provide

-Continuous monitoring

-Detection of untrusted files

-Intelligent threat detection

-Track certified admins


It is of paramount importance that you define which user accounts are able to create, change, and log into stored client data. An integrated audit analysis considering the way data is stored, accessed, and managed is to be done on an ongoing basis. Multi-factor authentication is one of the best methods to control access to user registration details.

“The adoption of GDPR is an indispensable step for every company that wants to stay afloat in Europe and move to a new level of service delivery in general. Now that K&C has already made the necessary cybersecurity changes to all its processes, we’re ready to help other enterprises and organizations minimize risks and comply with new rules.”

Michael Krusche, CEO at K&C



SHARE WITH FRIENDS
You might find this interesting
Our cases
Bosch Classic Cars - Digital Engagement Platform for 19K Vintage Car Owners
Our cases
Liferay Portal Performance Tuning Services for a Major Online Gaming Software Supplier
Our cases
How to apply React Native while developing heavy cross-platform mobile apps
E-book
How to Secure Web Product Development — FREE eBook
E-book
Digital Transformation: the Philosopher’s Stone of Economic Growth
Our cases
Reference: Major producer of auto electronics and spare parts
Our cases
Micro-service Architecture for New AngularJS Application - Case Study
Our cases
Portal Performance Tuning For Major German Travel Agency
E-book
Top Tools for Cost-Effective Web Development — eBook
Our cases
Reformation of Deployment Cycle for Bosch Classic Cars Portal
Our cases
Fast and Lightweight Mobile Application based on PhoneGap/ Cordova
Our cases
Drivelog.de — Web Marketplace for Car Owners and Service Providers
E-book
Determining Approaches to Mobile App Development
Our cases
The Platform Providing Event Organization
Our cases
VAIX - Fault tolerant infrastructure for 24/7 high-load machine learning service
Web,DevOps,Our cases
Our case: Marketplace for gaming goods
Outsourcing,Other
Hybrid, SaaS+PaaS, IoT: Cloud Trends to Catch in 2018
Web
Angular 2.0 vs Angular 1.4. What fits you best?
Web,Outsourcing,Testing
Sicherheit für Web-Anwendungen - dank Threat Modeling
Web
How to Motivate Your Dedicated Team to Work with Legacy Projects
Web
Fintech Apps - A Lucrative Solution for Customers and Businesses Alike
Outsourcing,Other
How to Control Agile Development: Progress and Costs
Web
Three Authentication Approaches to Keep Your Clients Safe
Web
What's New in React 16.3.0 - 16.4.2: Features Overview
Web
A Guidance for Keeping Your Web Development Project Within the Budget: Three Key Pillars
DevOps,Outsourcing,Other
ROCKET.CHAT as an internal messaging system and helpdesk platform
Web
Advanced Technologies for Marketing Automation
Web
Centralized Logging with Logstash, Elasticsearch & Kibana
Other
Culture eats technology for breakfast
Web
K&C insights: how to make your workflow work for you
Other
I’m Tired of Blockchain Hype, Are You?
Web
Node.js 10.0.0: Everyone’s Favorite Got Even Better
Web
Technologies that Foster Digital Transformation
DevOps
How We Use Ansіble for Configuration of Our Environments
DevOps,Outsourcing,Other
How to setup Kubernetes cluster on AWS
DevOps
DevOps with Puppet: Tips on Setting it up for Configuring Servers
Other,Marketing
How to Become a Leader in Your Market
Mobile
Reasons to believe in Ionic hybrid app
DevOps
How to start services on Linux
Web
Agile and DevOps are Key Drivers of Digital Transformation
Web,Our cases
White Label: A Customized Software Solution from a Business and Tech Perspective
Web,Outsourcing,Testing
Web App Security 101: Keep Calm and Do Threat Modeling
Web
Scaling software solutions - how it works
Other
Don’t Treat Me Like a Fool: The worst thing you can do for your business
Web,Other
Dedicated Teams for Web Development: Choice Criteria to be Checked
Web,Other
How to Make Your Web Solution Rock: 7 Areas to Check
Web,Outsourcing
Migration from Angular 1 to Angular 5
Mobile
Native or Hybrid Apps: A Quick Comparison
DevOps
Setting Up: Traefik Balancer In Rancher Cloud
Web,Outsourcing,Amazon Web Services
DEBUGGING AWS LAMBDA FUNCTIONS
Other
Europe’s Big Payments Directive PSD2
Web,Amazon Web Services
Monolith, Microservices, Serverless... Are We in the Middle of the Way?
DevOps
DevOps: Kubernetes Federation on Google Cloud Platform
DevOps,Amazon Web Services
Kubernetes at the Forefront of Secure Microservices Future
Other
The Power of the Holistic Business Analysis
Outsourcing,Other
How to Ramp up Your Team Wisely
Web
A secret formula of an agile dream team
Web,Outsourcing
Angular 6 vs. Ember 3
DevOps
Use case: how to build and run Docker containers with NVIDIA GPUs
DevOps
DevOps As DevSecOps – Full Integration of Threat Protection Without Compromising Deadlines of Budgets
Web,Mobile,Back-end,Amazon Web Services
Why Enterprises Choose Serverless Architecture
DevOps
What to Choose: NFS or CEPH?
Web,Other
GoLang: Features, Pros and Cons
DevOps,Outsourcing
Rancher 2.0: A Quick Look at the New Version
Web,Outsourcing
Why It’s Better to Use Vue.js than Angular and React in 2018
Web,Outsourcing,Other
How a Company Can Benefit from White Label: K&C experience
Other
Big Data: Why Your Business Needs it ASAP
Outsourcing
SCALED AGILE FRAMEWORKS: YOUR COMPLETE GUIDE TO WHICH, WHY AND HOW
Web
SEO Tips & Tricks for Single Page Web Applications
Web
Web App Security 101: How to Defend Against a Brute Force Attack
Web
4 Time-Saving Ways to Test Your Cross Platform Mobile App
Web
JQuery vs. Angular: Ad Astra per Aspera
DevOps
Kubernetes backup with Heptio Ark
DevOps
Hashicorp in Kubernetes: The short guide for Consul & Vault
Web,Outsourcing
Angular 7 vs React
Web,Other
SSR or CSR for Progressive Web App
Other
Ember, jQuery, Angular, React, Vue: What to Choose?
Web,Outsourcing,Other
Angular vs. React vs. Vue – Let the Fight Start!
DevOps
Docker: Virtualize Your Development Environment Right
Outsourcing,Other
Fortschritt und Kosten im Griff: agile Software-Entwicklung unter kontrollierten Bedingungen
Web,Other
Progressive Web Apps and Why You May Need Them
Web,Outsourcing
ANGULAR 6 versus REACT 16.3
DevOps
How to Build a Rancher & Docker Based Cloud
Web,Outsourcing,Other
Angular 5.0.0 – A Better Version of Itself
Outsourcing
The BPM in the Microservice Environment
Web
Cost efficient technologies
Outsourcing,Testing
Die Rolle des QS-Teams in Software-Projekten
Web,Outsourcing
Angular 6 Will Be A Hit
DevOps,Outsourcing
AWS DevOps: A New Way to Run Business
DevOps
Installation and setting up: Nextcloud as a local network storage on CentOS7
Web,Outsourcing,Other
JS Frameworks: The Trendiest Frameworks You Should Know
Web,Outsourcing,Other
JavaScript & WebSockets: How to Build Real-Time Applications
Web,Mobile,Outsourcing
Web-Anwendungen ziehen mit Mobile-Apps gleich
Outsourcing,Testing
How the QA Team Tests Your Project
Web,Outsourcing,Other
Angular 5 VS React.js – Who’s Going to Set the Tone in the Upcoming Year?
Web
All You Need to Know About Web App Security Now
Web,Outsourcing,Other
Golang vs. Node.js
Web
Microservices… when do we need them?
Web,Mobile,Outsourcing,Other
All You Wanted to Know About Chatbot Platforms
Web
Plan to Succeed: 4 Tips for Building Scalable Software
Marketing
Аudience-based Marketing
Web
Angular 4 vs React – what to choose in 2017
Web,DevOps,Outsourcing
DevOps als DevSecOps – Integrierter Schutz vor Bedrohungen ohne Termin- und Budgetüberschreitung
Web,Outsourcing,Testing
QA for CxOs: How to Hire and Outsource
Web,Other
JAMSTACK IS THE NEW FACE OF STATIC SITES
Web
Cloud Deployment: Overview of Options
Other
How to Convert Your Business to an Amazon-Style Market Leader
Web
When Microservices Help Make Future-Ready Products
Testing
What Is Quality Assurance and Why You Need It Immediately
Web
Debunking imaginary shortcomings of cross-platform frameworks
Web,Mobile,Back-end,Amazon Web Services
Serverless Architecture for Modern Apps: Stacks Providers & Caveats
DevOps,Outsourcing,Amazon Web Services
Information Security with AWS DevOps
DevOps,Other
Security in Kubernetes and How Companies Can Benefit from It
Our cases
How to Save Money Using Your Own Infrastructure
Other
Swimming with Sharks
Web,Outsourcing
Node.js vs. Angular.js – Two Sides of the Same Coin
DevOps
How We Manage Our Infrastructure with Chef