Determine what to protect
Continuous patch and update management requires companies to know exactly which applications are installed on which devices. This is where solutions, such as the DeskCenter Management Suite for software asset management, help. One can inventory all devices in a network, including all programs. An intelligent solution must then be able to tailor all existing applications to a security database on a daily basis and list any potential security risks. From this overview, the software distribution or uninstallation of unauthorized applications is then possible. Automated software distribution is therefore an imperative part of an effective security strategy. This is the only and best possible way to protect all applications, both licensed and license-free, always keeping them up-to-date and GDPR compliant.
Managing access rights
The GDPR requires companies to achieve data economy and earmarking. This means that companies are only allowed to collect and process as much data as is actually needed. In addition, the data may only be used for the purpose for which it was collected. This affects IT’s authorization management, among other things. Only the employees who need the data should have access to it. A comprehensive solution is also suitable for verifying rights, which provides evaluations for all users with a representation of folder shares on all file servers. On this basis, access to sensitive data about employees, customers or suppliers can be presented transparently, regularly checked and, if necessary, restricted promptly and preventatively. This in turn strengthens cybersecurity.
Protection means: Quick patching
Processors are required to take measures for secure data processing. Firewall, antivirus software and data encryption have been a central element to any IT security strategy for a long time. However, version and patch management is still a widespread vulnerability. It is only with automated patch and update management, such as DeskCenter’s SAM solution, that companies can keep all systems up-to-date and effectively prevent potential data loss from cyberattacks. Security vulnerabilities caused by outdated release and patch statuses do not appear in the first place. In addition, Article 32 of the GDPR recommends the pseudonymization of user data to protect it. DeskCenter also offers this capability for personal data in licensing and IT service management.
Documentation in the processing directory
The GDPR also requires proof of the legality of the processing of personal data, the so-called processing register. This determines in which systems personal data is stored and processed and for what purpose. It is also necessary to classify whose data is processed, whether it is that of employees, customers or suppliers.
The basic condition for the processing directory is therefore a complete identification of all applications used. Ideally, a SAM solution also offers the opportunity to fully classify the entire software portfolio. From this information, a large part of the processing directory prescribed in the GDPR can then be generated at the touch of a button anytime if required. In order to comply with documentation requirements, additional, automated documentation of the data retention of user information and permission roles is also helpful.
With the latest generation of software asset management, or SAM 4.0 for short, DeskCenter provides a complete, modular solution. This means that current IT infrastructures that are undergoing continuous transformations, or underwent the digital transformation can be continuously managed and optimized, taking into account processes, costs, and compliance. This provides SAM 4.0 with the foundation of ongoing GDPR compliance.
IT management challenge data protection regulation
DeskCenter: Free add-on for GDPR fulfillment
The Leipzig-based software company DeskCenter supports companies with a new, free GDPR add-on to Software Asset Management (SAM) 4.0 in the implementation of the GDPR. According to DeskCenter, compliant data retention initially involves automated patch and update management in order to prevent data loss from attacks. For the required data economy and the earmarking of collected data, evaluations are offered, which gives all users an overview of the folder shares on all file servers. The add-on can be used to fully classify inventoried applications and then automatically generate the list of processing activities in accordance with EU specifications. In addition, the add-on is used to create the pseudonymization of user data in license and IT service management. It also documents the data retention of user information, permission roles and AD data.
Author: Benedikt Gasch, Director of Product Management, DeskCenter Solutions AG