General Data Protection Regulation (GDPR) is a mandated regulatory standard designed to unify data privacy and security requirements. This regulation affects companies that provide services within the European Union; however, any company that provides services over the internet can be subject to this regulation. With the ubiquity of internet-based services, whether it is social media, streaming content, shopping or accessing your personal records online, personal data privacy and security practices will need to be regulated. Adoption is currently taking place in other regions around the world, which are using GDPR as a model to scrutinize privacy and security practices.
GDPR was implemented on May 25th, 2018. Due to its regulatory nature, any company that does not comply with GDPR is subject to large fines: $23.3M USD (as of August 2018) or 4% of the total worldwide annual revenue of the preceding financial year, whichever is higher. Beyond the fines, being non-compliant with GDPR can cast an organization in a negative light from the perspective of employees, business partners, customers and ultimately, the public. While applicable only to organizations providing services within the European Union, other regions around the world are using GDPR as a model to enforce regulations for the betterment of security and privacy. Due to the inevitable widespread adoption of GDPR, ensuring that your network and services are compliant will be mandatory. Preparing your organization early is key to avoiding trouble with GDPR or its regional variant.
This regulation is designed to protect individuals that access and use your organization’s service from privacy breaches, identity theft, credit card fraud, ransoms, blackmailing and many others. Many online services typically handle sensitive personal information as a way of authentication.
GDPR replaced the Data Protection Directive which was designed to regulate how companies handle and protect personal data. However, the Data Protection Directive served more as a “guidance/recommendation” to companies and was not enforceable enough to actually regulate as it was initially intended to do.
Before GDPR, organizations that were attacked and had their customers’ personal data compromised took at least 4 months (in some cases 1-2 years) before disclosing the incident publicly or to a respective regulating body. GDPR requires organizations to disclose the incident at most 3 days after it happened and to have a substantial amount of evidence to determine the root cause and the extent of that particular incident. If the organization fails to provide both, then the organization will be sanctioned.
Facebook, Under Armour and Orbitz – what do they have in common? All three organizations suffered incidents in which millions of individuals were affected. Without a strong regulation in place, many of these data breaches can go on for months to years without the organization taking reasonable action. There were plenty of publicly disclosed high-profile breaches between January and June 2018, all of them involving incidents that started in 2017 or earlier but were disclosed only in 2018.
There are many ways an organization can be sanctioned for being GDPR non-compliant:
The quickest way your organization can be fined for non-compliance, and possibly lose public trust, is by leaking private/personal information in a security breach that results from not implementing data handling and security practices within the GDPR standard.
For a majority of companies that are not yet GDPR compliant, it only takes a single successful breach to raise a “red flag” that prompts the regulatory body to start scrutinizing the organization, which will lead to eventual sanctioning.
Besides changing or updating your organization’s privacy policy, GDPR compliance has two primary components: privacy and security. Ensuring privacy means assessing data subject rights to consent, access, correct, delete and transfer personal data. Readiness in security includes identifying vulnerabilities and recent/recurring breaches, and validating the current strategy.
In terms of networking and security, here are the essential goals to becoming a GDPR compliant organization:
One good point to consider is that even when the organization is sanctioned, the regulating body can provide avenues of leniency, given that the company has evidence that it is taking measures in good faith. This means an organization can minimize and mitigate the potential consequences and sanctions that it could face with a genuine (and proven) commitment and effort to meeting its GDPR obligations.
Achieving compliance should not be a monumental undertaking; by utilizing Garland’s visibility solution and Quantea’s network monitoring solution, any organization will be a step ahead in attaining GDPR compliance.
Garland’s inline Network TAPs ensure the highest network visibility by providing data at line rate to a monitoring device, such as Quantea’s, and by providing connectivity to an inline security device. Quantea provides trust and transparency by recording and indexing 100% of whole traffic data while giving the organization easy access to that data for auditing and incident tracing. By utilizing Quantea’s RESTful API, internal data auditing and assessment can be automated by creating advanced triggers to search and replay particular data types to determine whether there was a personal data loss during a breach incident. Having these capabilities within arm’s reach is necessary in attaining GDPR compliance.
Capabilities:
Becoming GDPR compliant starts with monitoring the current state of your network to get a solid understanding of what's going on in the network and where your data is going. [Download Garland's whitepaper, The Ultimate Guide to Network Monitoring for an overview on network monitoring tools and best practices.]
As a pioneer in converging network analysis and data science, Quantea allows organizations to fully understand their networks, from macroscopic topologies to nanoseconds worth of network traffic. Quantea’s proven technology will efficiently target the underlying root causes of failures in existing equipment such as network switches, firewalls, and intrusion prevention and detection systems.