Encryption for GDPR Compliance

Encryption for GDPR Compliance

Under the GDPR, organizations must take appropriate measures to protect personal data from unauthorized access, use, disclosure, or destruction. One of the measures that organizations can take is to use encryption and other cryptographic techniques to protect personal data.

Cybersecurity Trends To Watch Out For In 2023 And Beyond

Cybersecurity Trends To Watch Out For In 2023 And Beyond

Each year, various events within the cybersecurity industry have a significant impact on the industry, leading experts to predict an increase in the frequency and severity of such occurrences in the years ahead. As preparation is preferred over mitigation, awareness of what to anticipate this year and beyond is essential.

How Bring Your Own Key Can Provide Schrems II Compliance for AWS-Hosted Data

How Bring Your Own Key Can Provide Schrems II Compliance for AWS-Hosted Data

Companies who use Amazon Web Services (AWS) often choose to do so because of its scalability, ease of use and lower costs than other services or hosting their own data centers. However, it could bring a challenge for those in the EU who need to remain compliant with Schrems II to protect their data. Here we discuss the compliance challenges facing EU companies using AWS to host data and how Cryptomathic’s Bring Your Own Key (BYOK) Service can provide Schrems II compliance for AWS-hosted data.

Secure BYOK Service for AWS S3 Buckets

Secure BYOK Service for AWS S3 Buckets

Keeping data safe in the Cloud has always been a concern for users, hence the need for encrypting data. With more businesses taking advantage of what the cloud has to offer with cloud-based services, there has been increased focus on who should manage the keys used to encrypt and decrypt data.

This article takes a look at how Cryptomathic’s AWS BYOK Service can provide better control and auditability of key encryption keys for the Amazon Simple Storage Service (Amazon S3).

New Executive Order on U.S. Surveillance Might Lead to "Schrems III"

New Executive Order on U.S. Surveillance Might Lead to "Schrems III"

In this article we will discuss why shortfalls in U.S. President Joe Biden’s recent Executive Order do not meet the requirements of the EU’s Charter of Fundamental Rights.

Key Management for GDPR

Key Management for GDPR

Introduction

Much has already been written about EU General Data Protection Regulation (GDPR), which comes into force on 25th May 2018 to protect EU citizens’ personal data. It applies to all companies processing and holding the personal data of data subjects residing in the EU, regardless of the company’s location. Unlike EU Directives, GDPR does not require national legislation to enact its provisions, so organizations not in compliance may face fines of up to 4% of annual global turnover or €20 Million (whichever is greater) from day one. The scope of the Regulation is broad, so this article will focus on the important role of encryption and particularly key management in aiding compliance. But first, let’s understand some key concepts and terminology: