
Re: None

Wednesday, 05/15/2019 8:07:50 PM

Post# of 249567
How to ensure Windows Server is GDPR-compliant

https://securityboulevard.com/2019/05/how-to-ensure-windows-server-is-gdpr-compliant/


The General Data Protection Regulation (GDPR), an EU law regulating the processing of personal data, came into force on May 25th, 2018. Organizations who breach the GDPR may be subject to fines of up to 20 million euros or 4% of their annual global revenue turnover. Taking into account the importance of the GDPR and the severe sanctions, Microsoft has put forth new efforts to ensure compliance with the new law.

According to Brad Smith, Microsoft’s president, Microsoft used the services of more than 1,600 of its engineers to meet the requirements of the GDPR. The result of this hard work is a comprehensive portfolio of tools helping individuals and organizations to adhere to the GDPR.

In this article, we will focus only on tools for Windows Server. These tools can be grouped into two broad categories: tools aiming to facilitate the compliance with the GDPR’s requirement to implement adequate information security measures, and tools facilitating the compliance with the GDPR’s requirement to notify personal data breaches to the data protection authorities.

Implementing adequate information security measures

Below, we’ll briefly examine eleven tools that can be regarded as adequate information security measures within the meaning of the GDPR: Control Flow Guard, distributed network firewall relying on software-defined networking, enhanced security auditing, Host Guardian service, Just-in-Time Admin (JIT) and Just Enough Admin (JEA), Shielded Virtual Machines, Virtual Machine Trusted Platform Module, Windows Defender Antivirus, Windows Defender Credential Guard, Windows Defender Device Guard and Windows Defender Remote Credential Guard.

Control Flow Guard

Control Flow Guard prevents jump-oriented programming (JOP) attacks by limiting the execution of certain application code. JOP attacks modify jumps and other control-flow-modifying instructions, thus allowing the program to jump to a location defined by the attacker.

Distributed network firewall relying on software-defined networking

The software-defined networking (SDN) in (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Daniel Dimov. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/ZTSsuwUWL3w/
==================================================================
If Virtual Machine TPMs are required for GDPR compliance for servers, then it would seem that activated TPMs would be required for computers. Why take advantage of the TPM for servers when it is also just as important for computers?! It would seem that Microsoft and the TCG would be pushing for activated TPMs in computers for compliance within GDPR, since software-only security hasn't been very successful against cyber attacks.
==================================================================
https://www.wavesys.com/

https://www.wavesys.com/wave-alternative








