Head Office: +44 (0)1293 400 720   |   City Office: +44 (0)2037 863 016   |  
|
|

Compliance
& Regulations

Prevent Detect
& Respond

Secure, manage and control
the enterprise IT infrastructure

Data breaches can seriously damage any organisation’s reputation or ruin the brand if its intelectual property is stolen. Perimeter security and Data Leakage Protection are two of the areas most likely to need addressing. There are many other areas businesses might want to consider such as regulatory compliance drivers GDPR and PCI etc, depending on the industry sector.

IT Security can sometimes be something that the IT teams “deal with” and not really perceived as something that they might need to worry overly with, “all these issues happen to other people” might be the thought process.

We listen and respond with the most appropriate solution based on your needs now and for the future.

The General Data Protection Regulation (GDPR) will apply in 12 months’ time, from 25 May 2018. The GDPR will significantly change and update the data protection regime in the UK.

Organisations that work with the personal data information of European Union residents need to overhaul business processes to avoid the risks of violating the General Data Protection Regulation.

Penalties for non-compliance could cost the organisation upwards of €20 million or 4% annual worldwide revenue, whichever is higher. It is not clear as to who will enforce this yet but as this covers very nearly every organisation trading, it is going to be hard to enforce. However, similar to Data Protection Act (DPA), it will be the Information Commissioner's Office (ICO) that will be most likely auditing organisations.

Compliance and Regulations

Information Security

What you need is a thought process to understand, identify and resolve

  • Perimeter security
  • Data leakage protection
  • Regulatory compliance drivers GDPR and PCI for example
  • Other drivers may be different depending on your sector

General Data
Protection Regulation

Organisations need to understand and comply with the new regime, not least because there will be increased penalties for non-compliance. The forthcoming GDPR stands to raise the stakes, as well as the risks, associated with the collection, transport, and storage of personal data.

Any organisation that trades with companies within the EU will be bound by GDPR. If they control personal identifiable information (PII), they need to be aware and what it means to them, and take appropriate measures to bring their policies and practices in line with this austere regulation.

Compliance and Regulations

Qual provides various ways to help simplify GDPR compliance, we approach organisations to get to grips with the principles of data protection.

Standard procedures to handle personal sensitive data

Implement record keeping processes that demonstrate compliance and accountability

Detecting data breaches and utilising breach procedures

GDPR Services Catalog

We can help you with tools, techniques and procedures that you might need to find structured and unstructured data that might be personal identifiable information (PII).
We can help you understand more about what Information Security and GDPR means for you. Our portfolio considers the most important topics for executives regarding data protection and security.

Our GDPR services
catalog consists of four categories

GDPR
GDPR Assessment:

Provides an analysis, gaps and recommendations on planning, governance, process, culture, data and technology. The assessment is based on market standards for methodology, such as ISO, ISF, CSA etc.

GDPR
GDPR Road-map And Strategic Plan:

Delivers a strategic plan with road-map for the GDPR execution, a set of defined action items that employ the use of technology to raise the quality and level of personal identifiable information (PII) within the organisation.

GDPR
GDPR Data Protection Impact Analysis:

A data protection impact analysis scope, governance, questionnaire and tooling is tuned to the specific needs of the organisation. Calculates the impact of each system and generates an overview of gaps, risks and measures.

GDPR
GDPR Technology Selection:

The technology selection process involves identifying the software and tools to mitigate the risks and help close the gaps, a managed RFP process and weighted scoring and solution selection to raise the quality and level of personal identifiable information (PII) within the organisation.

Our fixed price GDPR services are designed to advise where organisations need to focus their attention allowing them to fill in the gaps with evidence on measures taken to address the potential breaches.

Our expertise – Security

Solutions to secure, manage and control your enterprise IT infrastructure

GDPR - Compliance and Regulations
  • Firewall (On Premise or Firewall as a Service)
  • Managed Security Services
  • Penetration Testing, Vulnerability Assessments & Security Audits
  • Security Information & Event Management (SIEM)
  • Monitoring, Reporting and Alerting
  • Zero Day Threat Defence
  • Anti Virus and Malware
  • Identity & Access Management
  • Email Security – SPAM Filtering/Archiving & Compliance
  • Web Filtering – Real time URL scanning, Granular web policies & Application Control

Qual Can Offer:

As a starting point, Qual consultants are available to discuss the following with you –
please feel free to call us at +44(0) 1293 400 720

Compliance and Regulations
  • Legal basis to hold information forever
  • Data Processing practices
  • Information Access & Rights to individuals
  • Information Security i.e. data encryption, information availability, information recovery & restore capabilities
  • Process and Procedures for regularly testing, assessing and evaluating the effectiveness of security measures