EU GDPR: Compliance with the requirements of regulators in the field of cloud computing

We often fear changes in Russian legislation and their possible impact on business. Meanwhile, regulators in the EU demonstrate an enviable determination in this matter. Under a cat the next portion of innovations. Read the post, if suddenly, your projects relate to user data.

EU GDPR is the European General Data Protection Regulation (General [EU] 2016/679). It will take effect on May 25, 2018 and will replace national data protection legislation. After that, it will be even more important for European companies to ensure data security, because penalties for leaks and misuse of data will be tougher. The EU GDPR provides for fines, penalties and public reprimand for involuntary or irresponsible disclosure of personal and corporate data of customers and third-party companies. And to avoid this, it is necessary to strengthen data protection measures.
')
Traditional network-centric solutions, such as firewalls and intrusion detection systems, cannot protect against hacking by privileged users and from targeted cyber attacks. There are other methods, such as information security and event management ( SIEM ) and database auditing and protection (DAP). Due to stricter data security requirements and increasingly frequent leaks, businesses will have to move from network centric solutions to data-oriented solutions. Strict access control, key management, and encryption along with intelligence are becoming necessary, because once you transfer everything to the cloud, you only have the browser as an interface.

Protection requires huge amounts of data processed by companies. This includes all personal data. Their leakage or other disclosure without permission under the new rules is unacceptable. Personal data cannot be transferred to other countries without proper supervision and permission - this is a problem for international corporations that will have to correctly share data or pay fines of up to € 10 million. And IT professionals will need to break their head, how to strike a balance between the requirements of data protection and the interests of employees of companies who need quick access to information and applications.

New Requirements and Cloud Computing

In order for the data management processes in an organization to meet the requirements of an EU GDPR, it is necessary to deploy security mechanisms all over the network so that unauthorized users cannot access the network. It is important to hire reliable staff for database management and system administration. It is recommended to organize the processes so that different privileges are assigned to users depending on their positions.

The data management system needs to be supplemented with effective technologies for enforcing the system policies of secure access to information, as well as its storage, retrieval, or manipulation of information.

Cloud computing allows you to centralize all data management, improve the security of a company's network, easily protect data, and manage access from a single system. Data can be securely stored in private, hybrid or public clouds, with secure, encrypted access.

Cloud computing is a broad term that describes various infrastructure and software solutions for ubiquitous access (usually via the Internet) to shared pools of configurable resources (computer networks, servers, storage, data, computers, applications and services). One of the most common cloud applications is application and desktop delivery, which gives employees access to centralized data from anywhere in the world.

Upon delivery of applications, data and software are transferred to an isolated environment, deployed on the client device, and executed there. No need to install or store anything. The user sends keystrokes and mouse clicks to the server and receives screen updates in response. Access to data is controlled only by authentication; in addition, you can enable two-factor authentication or fine filtering based on the user's location, device type, or MAC address.

Transferring data from user devices to the cloud significantly reduces the risk of leaks or losses, and will help organizations comply with EU GDPR requirements. In addition, clouds are characterized by scalability, agility and mobility while maintaining a high level of security and business continuity.

Cloud benefits

Driven by the revolution in mobile IT and the requirements of the EU GDPR, many organizations are moving towards the clouds, receiving in exchange for better security, wider and simpler scalability, use on any mobile devices and reduced costs.

Safety Centralized data storage in the cloud eliminates the risk of physical theft, the most common type of data leakage.

Scalable . Companies can easily scale their cloud infrastructure, unlike traditional data centers. Typically, personal data is stored in organizations for years, so regular data centers can be overloaded with a huge amount of information that has been accumulating for a long time.

Mobility . Clouds provide employees with secure access to data, applications, and desktops from any device from anywhere. Organizations can fully adhere to the principles of BYOD (bring-your-own-device) and CYOD (choose-your-own-device), while maintaining productivity and improving data protection.

Cost reduction . Clouds allow companies to significantly save. Improved hardware utilization improves business efficiency. Centralized deployment of applications and desktops reduces the burden on IT-employees, which further increases the savings.

Creating a secure cloud solution using Parallels Remote Application Server (RAS)

Although cloud solutions allow you to create efficient, scalable and reliable systems, the potential of such solutions is fully revealed in the virtualization of applications, desktops, files and folders that can be delivered to various devices. Thanks to the centralized management of applications, data storage and maintenance, IT departments have more control, they can remotely strictly separate corporate and personal data.

Parallels Remote Application Server (RAS) is a solution for delivering virtual applications and desktops. It allows you to work safely from anywhere, on virtually any device, including Android and iOS. RAS can be used to create any cloud infrastructure, as it works seamlessly with Microsoft Remote Desktop Services (RDS), Citrix XenServer, VMware EXSi, Microsoft Hyper-V, Nutanix Acropolis (AHV), and KVM. Parallels RAS can be deployed in a private, hybrid or public cloud like Amazon Web Services (AWS) and Windows Azure.

To reduce the risk of data leakage, you can force the use of access rules and scatter data across secure repositories. This strengthens the division into user groups, departments, and regions.

Parallels RAS can centrally deploy critical OS updates and security patches to all users at the same time, reducing downtime and increasing security. RAS also supports continuous availability (continuous availability), resource-oriented balancing and universal printing (universal printing).

Because of these capabilities, as well as strong data protection, many companies use Parallels RAS to provide access to applications, desktops, and data.

Improving business security

Data is not stored locally . The data is stored in our company's cloud-based data center, and they are provided with secure access via encrypted connections. On devices nothing is saved. Remote users receive only a projection of data, applications and desktops located on the server.

Advanced filtering . Parallels RAS integrates with Active Directory and offers advanced filtering options to prevent unauthorized access. Filtering rules allow administrators to restrict access to important data (for example, details of bank card holders) by user, group, MAC address, IP address and other criteria.

Login to the system . There are two login modes: private and public. In the first case, user data (name and password) can be stored on the device. When you publicly log on to the device, nothing is saved. This increases the security of shared workstations and tablets.

Separation of data . Parallels RAS can create an unlimited number of farms and sites. A farm is a group of servers used to deliver applications to users, and a site is a group of farms. However, each site has an independent Activity Directory. Sites cannot share data, which guarantees perfect information sharing.

Replacing desktops . Parallels RAS offers companies the ability to replace desktops for Windows machines, turning them into safe pseudo-thin clients. Administrators based on security requirements can decide which applications will run locally. You can block any local operations on the machine and allow only those operations that are remotely executed on the server.

Restriction on copying and pasting . To avoid leaks from applications and desktops, you can disable the use of the buffer - copying and pasting data.

Enhanced security . All data is stored on servers with centralized security and backup management. Only mouse clicks, keystrokes and screen redrawing are transmitted to and from client devices. It prevents leakage, penetration of viruses, trojans and protects against other vulnerabilities and threats on clients.

Authentication with smart cards . Parallels RAS makes it easy to organize user authentication in a virtual application using smart cards. Redirecting virtual desktops and applications can be a daunting task, and using smart cards can improve security.

Two-factor authentication . Increases protection through the use of different types of tokens for the second level of authentication. It can be provided using a Dual Shield, SafeNet or RADIUS server.

SSL certificates / encryption . The Secure Client Gateway works as a proxy between Parallels client software running on client devices and Parallels RAS. The data exchange is encrypted in the gateway using SSL.

Conclusion

Parallels RAS is one of the main virtualization solutions. It improves the security and convenience of end-user access to data, desktops and applications on any device and anywhere in the world. For four consecutive years, Parallels RAS has won the prestigious Govies Government Security Award. This solution is used by thousands of organizations around the planet. Parallels RAS provides employees and users with real-time access to virtualized applications on any device, including zero and thin clients, mobile workstations, and a variety of end devices.