News Security

IceWarp affirms GDPR Compliance

General Data Protection Regulation (GDPR) is the largest and the most comprehensive EU legal act of personal data storage and processing in history. Adopted on 14 April 2016, it becomes applicable after a two-year transition period, on May 25th

Being GDPR ready, IceWarp solutions can improve companies IT further

IceWarp has been working almost for a year now, to set everything up, both technically and legislatively, for this global cornerstone of digital security. IceWarp is now fully GDPR compliant.

Setting up your IT with GDPR Compliant Server

In case your software is not fully GDPR ready, opt for a server which is. Ensure that all latest patches of all critical components of the system, including open ssl, certificates etc., are up-to-date.

In terms of IT infrastructure, make sure that you follow the general best practices of IT security, including remote access security, firewall security, password complexity enforcements, and malware protection.

There are also some other simple steps, you may want to take to be even more in the line with GDPR regulations:

  • Data loss protection – be sure you’re using SmartAttach and Archive functions
  • Grant only a mandatory access to a server – according to a level of clearance, lower the number of people with wide access to a server
  • Enable 2-factor authentication – for server administrators, simply use IceWarp Authenticator, which works smoothly for almost any IT admin, or set second authentication method like i.e. SMS
  • S/MIME keys – start digitally signing and encrypting your messages using S/MIME, but be aware of a significant increase of computing power needed
  • Levels of clearance – do a permission audit, deny an access to nonessential personnel, set different passwords to the most secure directories
  • Use user accounts only – we don’t recommend running IW under the root account, using dedicated user accounts instead
  • Data searching – set authorized individual, who have permission to seek through Email Archive and Full-text search
  • Erasing in person – make sure that erasing is done by the person who owns the data
  • Use system logs – enable system maintenance logs on your server, this allows you to track every action on a server, along with user authentication and activity

GDPR super-power is coming

IceWarp On-premise and Cloud are fully GDPR compliant at the moment. Things get more complicated when it comes to full-text search for personal data though. Because of complexity of GDPR and its maintenance demands, a built-in search engine isn’t enough. That’s why GedAI has been created.

Related posts

CrowdStrike Collaborates with NVIDIA to Advance Cybersecurity with Generative AI

enterpriseitworld

Zones and Sonata Software Sign Go-to-Market Partnership to Simplify Enterprise Application Delivery Through End-to-End Cloud Managed Services

enterpriseitworld

New Relic Announces Ashish Agarwal as CFO

enterpriseitworld