With the broadened scope of the GDPR going into effect in May 2018, which includes requirements for the appropriate technical and organizational measures to mitigate risk and mandatory disclosure of breaches to impacted EU citizens and supervisory bodies, it’s imperative that organizations prepare. Failure to comply with the GDPR, as determined by authorities that will be able to perform data protection audits, could mean fines of up to 20 million euro or up to 4 percent of an organization’s worldwide annual turnover.
Fortunately, compliance doesn’t have to be difficult with easy search and reporting. The Splunk platform helps organizations meet key GDPR compliance needs such as:
How machine data plays a critical role in complying with the GDPR
The GDPR has many requirements where machine data can play a critical role in compliance. Splunk has identified three key capabilities where the Splunk platform can help organizations with GDPR readiness — mapping them into scenarios and GDPR articles. These can be applied generically to organizations across many industries.
Collect and index log and machine data from any source. Structure and schema are applied only at search time so data can be indexed regardless of format or location.
Deliver the scale, security and availability to suit any organization. With Splunk, you can search, alert and report on machine data from virtually any source.
Prove you handled digital records according to law and enforced your obligations. Access controls, comprehensive auditing and security baked into Splunk make this easy.
Create reports and dashboards to show the state of compliance with any required technical control for any point in time.
Quickly search through massive amounts of security events and machine data going back days, weeks or months to accelerate incident investigations or satisfy ad hoc requests from auditors.
Real-time monitoring that can provide a clear visual picture of the organization’s security posture, with easily customizable views and capabilities to drill down to the raw event data.
Splunk Enterprise Security Tour
Index Machine Data
Index and store any machine data regardless of format or location—network and endpoint security logs, malware analysis information, configurations, sensor data, wire data from networks, change events, data from APIs and message queues, and even multi-line logs from custom applications. With no predefined schema, data can be indexed from virtually any source, format or location.
Search, Correlate and Investigate
Search real-time and historical data using the same interface. Use familiar search commands to define, limit or widen your search, and correlate events across multiple data sources to reveal new insights. Correlate data based on time, external data, location, sub-searches or joins across multiple data sources. The search assistant offers type-ahead suggestions and contextual help so that you can leverage the full power of the Search Processing Language (SPL™).
Security Posture Dashboard
The Security Posture Dashboard provides continuous monitoring and at-a-glance situational awareness by tracking key security indicators and security metrics across identity, access, malware, endpoint and threat intelligence data sources. All aspects of data source, key indicators, and visual displays are configurable and customizable to suit any organization’s operating procedure. The point-and-click interface provides integrated workflows and actions from the graphical display.
© 2005 - 2022 Splunk Inc. All rights reserved.
