Why you need an Information Centric Security model for the GDPR

Are You Ready?

Published October 2017

GDPR focuses attention on data security and privacy. Its reach spans beyond the EU border and applies globally. In fact, any organization that holds or processes personal data on individuals (or “data subjects”) in the EU has to comply.

The GDPR comes into force on 25 May 2018 and will influence how organizations build, deploy and manage their information protection systems.

The GDPR is based on the concept that data privacy is a fundamental right and puts the onus on organizations to adopt data privacy, and by extension, data security by design. Symantec’s view is that an information protection strategy that centers on the data - not the device, network or user - is one that meets the multiple data protection challenges facing organizations around the world, including many of the requirements of the GDPR.