ManageEngine Tunes SIEM Solution to Simplify GDPR Compliance

Manikandan Thangaraj, Director of Product Management, ManageEngine
Manikandan Thangaraj, Director of Product Management, ManageEngine
7 years ago

ManageEngine’s security information and event management (SIEM) solution, Log360, is now equipped with a prebuilt report and strengthened correlation engine to simplify enterprises’ efforts to meet General Data Protection Regulation (GDPR) requirements. With its new correlation rules and GDPR-specific report, Log360 helps enterprises improve their ability to detect data breaches, prove that their data is always protected, and meet requirements stated in Articles 25(1) & (2), 32(1)(b), and 33.

Starting May 25, 2018, every enterprise that handles the personal data of European Union citizens will need to maintain GDPR compliance. The GDPR’s main goal is to enforce transparent data collection and processing methods, as well as stricter data security policies. Non-compliance could result in a hefty fine, so enterprises have to assess their current data protection measures, document relevant information on data processing, and reform their data collection and processing procedures in accordance with GDPR requirements before the GDPR goes into full effect.

“Translating all the GDPR’s requirements into IT security policies will have a huge operational impact on businesses of all sizes. The larger the enterprise, the longer it will take to fully adhere to the GDPR,” said Manikandan Thangaraj, Director of Product Management at ManageEngine. “With just a few months left to become compliant, we’ve made it easier to get up to speed with the GDPR using Log360’s real-time correlation engine and exclusive GDPR auditing report.”

The solution also includes – Extensive auditing capability: Monitor critical changes to Active Directory—such as changes to security groups, GPOs, permissions, and more—in real time to prevent internal attack attempts. Audit databases and servers where personal data is stored to uphold the confidentiality, integrity, and availability of these systems; Privileged user monitoring ability: Track privileged user accesses and activities carried out on personal data to ensure that data processing is performed in accordance with the GDPR. Detect and get alerted for user behavior anomalies in real-time to prevent personal data leakage; Breach prevention module: Monitor logs from network perimeter devices such as firewalls, IDSs, IPSs, and security solutions, and correlate the data with threat feeds to prevent breach attempts originating from outside the network.