The long list of materials, documents and online resources on the GDPR available online which we published few weeks ago scores a new entry, as Virtru just released an interesting document which investigates some key aspects of GDPR: E-Mail and File Sharing governance and management.
The document, after a brief introduction on the GDPR, underlines how the respect of the upcoming European Regulation regarding the exchange of e-mails and files necessarily passes for the correct application of four fundamental elements: Encryption, Key Management, Access Control, Audit. Each of them is analyzed in concrete terms, providing the reader with valuable suggestions on what to do and what to avoid. The second part of the guide is dedicated to a quick summary of all the GDPR requirements concerning the scope of the Data Protection, compared to which a comparison is provided with the features offered by the Virtru Data Protection Software, an end-to-end encryption suite designed to make connections to cloud-based environments with Google and Microsoft technology such as Google Drive, GMail, OneDrive, Exchange Online and more.
The document is quite interesting, even if it’s mostly – just like other similar work we reviewed – a set of guides made by a vendor with specific interest in driving the reader into the adoption of their Data Security technology: for this very reason, the best thing we can do is to catch the general picture and filter out the marketing aspects. In case you prefer a more “neutral” and objective guide we will highly recommend – once again – the two tutorials released by ENISA this january: the Handbook on Security of Personal Data Processing and the Privacy and Data Protection on Mobile Devices.
Enjoy the reading!