OVERVIEW OF REGULATIONS WITH MCAFEE
1 DISCOVER :
Determining where the personal data you have is stored
COPE:
Data that helps recognize a person
- Name
- Email address
- Social media message
- Location
- Bank Details (credit card)
- IP Address
- Cookies
- Identity
INVENTORY:
Determination of the place where personal data is collected and stored
- Documents
- Databases
- Removable media
- Log Files
SAMPLE SOLUTIONS:
Data Lost Prevention
McAfee Host DLP
McAfee Network DLP
Database Security
McAfee DAM
Security Information and
Event Management
McAfee SIEM
2 MANAGE:
Managing how personal data is processed and accessed
DATA MANAGEMENT:
Defining policies, roles and responsibilities for the management and use of personal data
- According to the Data Types
- According to the content
- According to usage
CLASSIFICATION OF DATA:
Organizing and labeling data to ensure proper use
- Type
- Sensitivity
- Utilization
- Administrators
- Users
SAMPLE SOLUTIONS:
Data Lost Prevention
McAfee Host DLP
McAfee Network DLP
Database Security
McAfee DAM
McAfee Complete Data
Protection
Drive Encryption
File & Removable Media
Protection
Security Information and
Event Management
McAfee SIEM
3 PROTECT
Creating security controls to prevent, detect and respond to vulnerabilities and data violations
PREVENTING DATA ATTACKS
Protecting your data
- Physical data center protection
- Network Security
- Storage Security
- Access Control
- Encryption
- Risk prevention
DETECTING VIOLATIONS AND RESPONDING TO VIOLATIONS
Monitoring and detecting system attacks
- System monitoring
- Detection of violations
- Response to the threat
- Informing the relevant manager
SAMPLE SOLUTIONS:
Data Lost Prevention
McAfee Host DLP
McAfee Network DLP
Database Security
McAfee DAM
Network Security
McAfee Network Security IPS
McAfee Web Protection
Server Security
McAfee Cloud Workload Security –
Advanced
Move antivirus for virtual servers
Endpoint Security
McAfee Complete EndPoint
Protection – Business
McAfee Threat Intelligence
Exchange
Security Information and
Event Management
McAfee SIEM
4 REPORT:
Keep the necessary Documents, manage data requests and violation notifications
RECORD KEEPING:
Organizations shall need to keep the following records
- The purpose of data processing
- Classification of personal data
- Third parties who have access to the data and their access
- Organizational and technical security criteria
- Data storage periods
- DETECTING VIOLATIONS AND RESPONDING TO VIOLATIONS
- Monitoring and detecting system attacks
- Audit logs
- Violation notices
- Governance reporting
DETECTING VIOLATIONS AND RESPONDING TO VIOLATIONS
Monitoring and detecting system attacks
• Audit logs
• Violation notices
• Governance reporting
SAMPLE SOLUTIONS:
Data Lost Prevention
McAfee Host DLP
McAfee Network DLP
Database Security
McAfee DAM
Network Security
McAfee Network Security IPS
McAfee Web Protection
Server Security
McAfee Cloud Workload Security –
Advanced
Move antivirus for virtual servers
Endpoint Security
McAfee Complete EndPoint
Protection – Business
McAfee Threat Intelligence
Exchange
Security Information and
Event Management
McAfee SIEM
TECHNICAL MEASURES |
McAfee |
|---|---|
| The Authorization Matrix | |
| Authority Control | |
| Access Logs | ✓ |
| User Account Management | |
| Network Security | ✓ |
| Application Security | ✓ |
| Encryption | ✓ |
| Infiltration Testing | |
| Intrusion Detection and Prevention Systems |
✓ |
| Log Records |
✓ |
| Data Masking | |
| Data Loss Prevention Software | ✓ |
| Backup | |
| Firewalls | |
| Current Anti-Virus Systems | ✓ |
| Deleting, Destroying and Anonymizing | |
| Key Management |