Cryptshare can be an important component in a company's software landscape to be GDPR compliant. GDPR covers a large number of requirements. Many more than the Cryptshare intersections listed below.

How Cryptshare helps you to become GDPR compliant?

You can fulfill with Cryptshare central requirements of the GDPR

Right of access by the data subject and right to rectification using Cryptshare

  • Encrypting data transfer to receiver possible
  • Ad-hoc use
  • Metadata is also encrypted

Right to be forgotten / Data Cleanup Rules

  • Limited storage time of the files on the server is configurable by client
  • "Data cemeteries" are avoided

Right to data portability and Cryptshare

  • Transfer of all file formats possible
  • Globally used means of transport by e-mail and universal use of browsers give access to all

Data protection settings at a high level ... including those for outgoing e-mails

  • Protective e-mail classification regulates the security settings for users in the enterprise
  • Central management of policy settings bring IT Compliance
  • Highly secure encryption is used at times

Data Loss Prevention (DLP)

  • Protection of the transferred files, in the case of a wrongly selected recipient. Only the correct recipient knows the agreed password.
  • Analysis by external DLP solution possible before or after data upload (reverse proxy server / pre-processing) meaning your DLP rules are applied.

Cloud services and the processing of data relating to orders (order data processing)

  • Operation of Cryptshare is possible on premise or on cloud service. Customer decides.
  • A contract for order processing between you and us is not required when operating Cryptshare in your own DMZ.

GDPR compliant e-mail with Outlook

A short GDPR, obligations and opportunities

The General Data Protection Regulation GDPR enters EU law on May 25th, 2018. The European Union (EU) has for a long time seen data privacy as an important issue and has worked to create unifi ed legislation protecting the interests of all citizens of the EU whose data may be held inside or outside the EU. Whilst not entirely new legislation in the latest form it does include some signifi cant new provisions with far reaching impact to companies worldwide.

Several new terms will require careful consideration by all organisations and we conclude several things having talked to representatives of the EU, to our customers and to customers of other technology vendors, in the USA, EU and APAC. These are that:
 

Most organisations have implemented some of the protections they need, but few have covered all bases. There is work to be done.
 

Non-EU based companies have much more to do and may be more vulnerable under scrutiny. It is time to catch up.

Technology is key to solving the issues, but soft requirements (people and behaviour) cannot be ignored. Few organisations have allocated suffi cient money or time to handle these new demands.

Using established technology such as e-mail, having solved known issues of large file handling and security fi rst bring quick wins. Why? You can implement this fast and place a known solution in front of all users for a far more predictable outcome.
 

This may be a great time to get rid of some legacy technology and replace it with more modern, cheaper, more focussed solutions that do what you need and don’t cost a fortune for what you do not need.

  • Replace FTP, SFTP, S/Mime and PGP
  • Prohibit Shadow IT solutions, private Dropbox, uSend IT etc.

Severe penalties up to 4% of global annual turnover will galvanise actions, but this is leading to a feeding frenzy by vendors making unjustifi able claims about their “unique” approach. You need to clear away the smoke!

Some headlines of the GDPR and what has changed?

The objective of the GDPR is to protect the data privacy of all EU citizens in an increasingly data orientated world.
Some new provisions include:

Today, companies are confronted with an ever-increasing volume of electronic communication. Messages and files containing sensitive information need to be exchanged securely and conveniently around the globe.

Consumer platforms and apps, mostly financed through collection of data and advertising, steadily grow and extend their reach.

Meanwhile, organisations see themselves confronted with multiple challenges and threats: Criminals, competitors, and foreign governments want to get hold of their sensitive data.

These are that:

  • Most organisations have implemented some of the protections they need, but few have covered all bases. There is work to be done.
  • Technology is key to solving the issues, but soft requirements (people and behaviour) cannot be ignored. Few organisations have allocated sufficient money or time to handle these new demands.
  • Use established technology such as e-mail, but solve known issues of large file handling and security first. Why? You can implement this fast and place a known solution in front of all users for a far more predictable win.
  • Non-EU based companies have much more to do and may be more vulnerable under scrutiny. Time to catch up.
  • This may be a great time to get rid of some legacy technology and replace it with more modern, cheaper, more focussed solutions that do what you need and don’t cost a fortune for what you do not need.
  • Severe penalties will galvanise actions, but this is leading to a feeding frenzy by vendors making unjustifiable claims about their “unique” approach. The mirrors are everywhere and the smoke is thick.

Whitepaper Download

GDPR Compliance - The latest changes


Consent to the use of data for sales & marketing purposes

By submitting this form, I agree that befine Solutions AG may use my data for sales and marketing purposes and contact me for these purposes by telephone, e-mail and/or post until I withdraw my consent. My data will not be passed on to uninvolved third parties.

I can revoke this consent from Cryptshare Inc. at any time, also in part, by email to info@cryptshare.com or by post to Cryptshare Inc. 18 Commerce Way, Suite 2650, Woburn MA 01801.


Click here to read our complete Privacy Policy.