Skip to main content
Image
purple hex pattern

Strengthening organizations' security postures while helping them avoid financial penalties

Perhaps the most comprehensive data privacy standard to date, GDPR affects any organization that processes the personal data of people in the EU - regardless of where the organization is headquartered.

Entrust and our technology partners can help you comply with the critical Article 5, 32 and 34 GDPR rules related to:

  • The pseudonymisation and encryption of personal data;
  • The unauthorized access to personal data.

Regulation

GDPR Overview

The General Data Protection Regulation is here. The GDPR is designed to improve personal data protections and increase organizational accountability for data breaches. With potential fines of up to four percent of global revenues or 20 million EUR (whichever is higher), the regulation certainly has teeth. No matter where your organization is located, if it processes or controls the personal data of EU residents, you need to be compliant.

Specific Requirements

Some of the key provisions of the GDPR require organizations to:

  • Process personal data in a manner that ensures its security, “including protection against unauthorized or unlawful processing” (Article 5)
  • Implement technical and organizational measures to ensure data security appropriate to the level of risk, including “pseudonymisation and encryption of personal data." (Article 32)
  • Communicate “without undue delay” personal data breaches to the subjects of such breaches "when the breach is likely to result in a high risk to the rights and freedoms" of these individuals. (Article 34)
  • Safeguard against the "unauthorized disclosure of, or access to, personal data." (Article 32)

Compliance

Strong Data Encryption and Key Protection

Entrust and our data encryption technology partners help you ensure that encrypted personal data remains unreadable, as defined by GDPR, by protecting encryption keys with FIPS-certified Entrust nShield™ HSMs.

Database Encryption Key Protection

Personal data housed in databases is attractive to attackers seeking to steal identities, payment credentials and more. Keep this information secure by protecting encryption keys with Entrust nShield HSMs.

Authorized User Controls

Establish a secure and scalable PKI that helps ensure that only authorized users and devices have access to sensitive data. Using Entrust nShield HSMs to help secure the process of issuing certificates and proactively manage private keys creates a high-assurance foundation for digital security.

Resources

Brochures: Entrust nShield HSM Family Brochure

Entrust nShield HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption and more. Available in three FIPS 140-2 certified form factors, Entrust nShield HSMs support a variety of deployment scenarios.

Entrust nShield HSM Family Brochure

FAQ: What is GDPR?

What is GDPR?