GDPR Compliance with Splunk
Meeting your European General Data Protection Regulation (GDPR) compliance needs
Protect personal information in the digital age
With the broadened scope of the GDPR going into effect in May 2018, which includes requirements for the appropriate technical and organizational measures to mitigate risk and mandatory disclosure of breaches to impacted EU citizens and supervisory bodies, it’s imperative that organizations prepare. Failure to comply with the GDPR, as determined by authorities that will be able to perform data protection audits, could mean fines of up to 20 million euro or up to 4 percent of an organization’s worldwide annual turnover.
Fortunately, compliance doesn’t have to be difficult with easy search and reporting. The Splunk platform helps organizations meet key GDPR compliance needs such as:
- Detection, prevention and the investigation of breaches (Articles 32/33/34)
- Prove that your GDPR security controls are in place and enforced (Articles 3/58/82)
- Search and report on personal data processing (Articles 15/17/18/28)
How machine data plays a critical role in complying with the GDPR
The GDPR has many requirements where machine data can play a critical role in compliance. Splunk has identified three key capabilities where the Splunk platform can help organizations with GDPR readiness — mapping them into scenarios and GDPR articles. These can be applied generically to organizations across many industries.Get the GDPR Compliance White Paper
Why Splunk for GDPR Compliance?
With Splunk, customers can create correlation rules and reports to instantly identify threats and automatically surface areas of non-compliance. Splunk makes demonstrating compliance in regard to technical controls a frictionless process.
Flexibility and ReliabilityDeliver the scale, security and availability to suit any organization. With Splunk, you can search, alert and report on machine data from virtually any source.
Controlled Data AccessProve you handled digital records according to law and enforced your obligations. Access controls, comprehensive auditing and security baked into Splunk make this easy.
Easy ReportingCreate reports and dashboards to show the state of compliance with any required technical control for any point in time.
Compliance ReportingQuickly search through massive amounts of security events and machine data going back days, weeks or months to accelerate incident investigations or satisfy ad hoc requests from auditors
Intuitive Visual DashboardsReal-time monitoring that can provide a clear visual picture of the organization’s security posture, with easily customizable views and capabilities to drill down to the raw event data.
Splunk Enterprise Security Tour
Index Machine Data
Search, Correlate and Investigate
Security Posture Dashboard
Index and store any machine data regardless of format or location—network and endpoint security logs, malware analysis information, configurations, sensor data, wire data from networks, change events, data from APIs and message queues, and even multi-line logs from custom applications. With no predefined schema, data can be indexed from virtually any source, format or location.
Search real-time and historical data using the same interface. Use familiar search commands to define, limit or widen your search, and correlate events across multiple data sources to reveal new insights. Correlate data based on time, external data, location, sub-searches or joins across multiple data sources. The search assistant offers type-ahead suggestions and contextual help so that you can leverage the full power of the Search Processing Language (SPL™).
The Asset Investigator allows you to visually correlate activities across devices that employ disparate technologies. You can adjust timeframes and build a story from the events and then either create searches to detect those events or share the story with a team member. Watch the video.
Glass Tables allow custom visualizations that can reflect your topology, workflows, detect, investigate and respond sequences. Use dashboards and summary views with relevant context to suit your needs. You can create glass tables from more than 100 Security Metrics, including notables.
The Security Posture Dashboard provides continuous monitoring and at-a-glance situational awareness by tracking key security indicators and security metrics across identity, access, malware, endpoint and threat intelligence data sources. All aspects of data source, key indicators, and visual displays are configurable and customizable to suit any organization’s operating procedure. The point-and-click interface provides integrated workflows and actions from the graphical display.