2019 The Year of Data Regulations

Data regulation is now a strong, permanent feature of the IT landscape.

Over the past year, a series of sweeping regulations have come into force that have brought change to entire industries.

Global business will have to operate in a new data environment in 2019. With the year coming to a close, this is the opportune time for companies to recap the most important laws governing digital data.

GDPR
The EU’s General Data Protection Regulation (GDPR) was a game changer for Europe. While earlier laws governing digital information prohibited specific infractions, GDPR was a paradigm shift, forcing organizations to completely revamp their practices and institute privacy by design. However, in the six months since it entered into law, the effects of GDPR have been minimal. While many companies have made changes to their protocols, the fundamental shifts regulators hoped for have been slow to come about.

Many experts are saying that it’s just a matter of time. Heavy fines for GDPR violations haven’t yet been reported. Additionally, the enforcement infrastructure simply hasn’t had time to come into its own. 2018 was GDPR’s year of codification. 2019 will almost certainly be the year of enforcement.

California Privacy Act
Back in June, privacy advocates succeeded in one of the fastest legislative maneuvers in history by passing the California Consumer Privacy Act (CCPA). Under the law, data collectors are now bound by “the right to opt out”: essentially, the ability for users to object to their data being distributed or sold. Companies will also be required to “maintain reasonable security procedures and practices appropriate to the nature of the information”, i.e., the more sensitive the data, the more protection it requires.

California’s privacy regulations will not become law until January of 2020. However, the more immediate effect of the CCPA is its influence on the larger debate over US data laws. The regulations are likely to fuel the efforts of privacy advocates in other states. Even discussions on federal privacy laws have been influenced by the CCPA.

National Breach Notification Law
The Gramm-Leach-Bliley Act, commonly known as GLBA, has been on the books since 1999. The Act was revolutionary for its time, being one of the earliest data regulations of the modern era. The federal law requires financial institutions to explain how they share and protect their customers’ private information. Compliance with GLBA is not particularly demanding. The main section of the law, the Safeguards Rule, requires companies to have an employee designated for data security, to maintain a security program, and to test it somewhat regularly.

A few months ago, the House Financial Services Committee introduced a bill that would profoundly amend the GLBA. These new rules would supersede a multitude of the state-level laws currently governing data collection, possibly putting an end to major regulations such as New York’s DFS regulations. Perhaps the biggest change would be a “national breach notification law” for the financial industry. As the name suggests, the notification law would require companies to notify users of a breach within a very short period after it is identified.

Cybersecurity and Infrastructure Security Agency Act
President Trump signed the Cybersecurity and Infrastructure Security Agency Act (CISA) into law in mid-November.

The repercussions of this bill becoming policy are tremendous. CISA essentially codifies the notion that data security is critical national infrastructure, and authorizes the administration to protect it as such. Under CISA, the Department of Homeland Security is charged with assessing risks and threats associated with data systems, and with forcing organizations to comply with safety measures. This important law has had little time to get off the ground. 2019 will be the year the U.S. begins to feel the repercussions of CISA.

Visibility: Accurately discover sensitive data; detect and address broken business processes or insider threats, including attempts to breach sensitive data.

Protection: Automate data protection, breach prevention and incident response both on and off the network; for example, find and quarantine sensitive data within files exposed on user workstations, file shares and cloud storage.

Notification: Alert users to violations to raise awareness and educate end users about cybersecurity and corporate policies.

Education: Start targeted cyber-security training; e.g., identify end users who violate policies and train them.

  • Employees and organizations have knowledge of and control over the information leaving the organization, where it is being sent, and where it is being preserved.
  • Allow user classification, giving users influence over how the data they produce is controlled, which increases protection and end-user adoption.
  • Control your data across your entire domain in one central management dashboard with universal policies.
  • Many levels of control, together with the ability to warn end users of possibly non-compliant or risky activities, protecting against malicious insiders and human error.
  • Full data discovery detects sensitive data anywhere it is stored, and provides strong classification, watermarking, and other controls.
  • Delivers full technical controls over who can copy what data, to which devices, and what can be printed and/or watermarked.
  • Integrate with GRC workflows.
  • Reduce the risk of fines and non-compliance.
  • Protect intellectual property and corporate assets.
  • Ensure compliance with industry, regulatory, and corporate policy.
  • Enforce boundaries and control what types of sensitive information can flow where.
  • Control data flow to third parties and between business units.