The fact that it is a European regulation does not prevent GDPR from having effects in the rest of the countries of the planet, which is why it represents a very important milestone in the matter of personal data protection.
On May 25, 2018, the General Data Protection Regulation (GDPR) came into force, whose main purpose is to protect the personal information of citizens of the European Union (EU) . And although this law is promulgated in the Old Continent, its impact has global reach as it has a direct impact on companies that exchange products and services with entities based in Europe or have European citizens in their databases.
According to the article “What is the GDPR regulation and why should you care?”, Published in Expansion 1 1 magazine , the new regulation was approved in April 2016 and one of the biggest differences with respect to the previous rules lies in Being a regulation and not a directive, its application does not depend on modifications to the legislation of a country. Its application will be direct.
According to various specialists, the fact that it is a European regulation does not prevent GDPR from having effects in the rest of the countries of the planet, which is why it represents a very important milestone in the matter of personal data protection.
In particular, Mexican companies that exchange products and services with entities based in the EU will be directly affected, which is why it constitutes a turning point for them. It will also be the same for entities in the rest of Latin America.
Among the companies that have realized that they are in this group, there is some concern because the rules are complex and the fines for non-compliance can be around 20 million euros or the equivalent of paying 4% of their annual income, according to the offenses committed. Furthermore, if the company does not report a data breach within 72 hours, a much more severe fine can be expected 2 .
GDRP incorporates multiple provisions in the way information is organized, stored, used and protected. It is increasingly common for the exchange of information to be processed in the cloud, and if the appropriate measures are not taken, the vulnerability of the data could become apparent. Adherence to the GDPR implies the mandatory visibility of the use and activities of services and applications in the cloud.
In this regard, Cisco offers its Cisco Stealthwatch Cloud solution to the market, improves security and response to incidents throughout the distributed network, from the office to the public cloud. Among its virtues, it detects threats in real time, reduces false positives and offers security intelligence. Similarly, Network Visibility and Segmentation combines three solutions to have a more precise view of what is happening on the network: Cisco Stealthwatch Enterprise, Cisco Identity Services Engine and Cisco TrustSec technology.
This also calls for Cisco Firepower Next Generation Intrusion Prevention System (IPS) Threat Protection Devices (NGIPS), combining superior visibility, embedded security intelligence, automated analysis, and threat effectiveness.
At the local level, the newspaper Excélsior reported , the Government of Mexico City published the General Law for the Protection of Personal Data Held by Obliged Subjects, as are any authority, entity, body and organism of the Executive, Legislative and Judicial powers. , autonomous bodies, political parties, trusts and public funds 3 . This law, according to the newspaper, will be applicable to any treatment of personal data that is on physical or electronic media, regardless of the form or modality of its creation, type of support, processing, storage and organization.
It is no secret to anyone that data protection is multifactorial and that in no case can a single product provide the necessary protection, which is why it is very important that from the obligation to raise awareness and take actions before the fate and the onerous fines reach us.