RedLock, the Cloud Threat Defense company, announced that full-featured reporting capabilities specific to the General Data Protection Regulation standard (GDPR) have been added to the RedLock Cloud 360 platform, the market-leading service that enables organizations to accelerate digital business by managing security and compliance risks across their entire public cloud environment without impeding collaboration between software developers and IT operations. The newest features perfectly complement existing capabilities within RedLock Cloud 360, which include compliance and security mapping for NIST CSF, CIS, SOC 2, PCI DSS, and HIPAA.
“Every new set of sweeping regulations brings with it some confusion, and GDPR is no exception,” said RedLock co-founder and CEO, Varun Badhwar. “So here’s what companies should know: GDPR applies to any organization, located anywhere, that offers goods or services to, or monitors the behavior of, citizens of the European Union. Second, public cloud computing is absolutely subject to GDPR regulations—in fact, the regulations specifically call out cloud processors and controllers. And finally, the Shared Responsibility Model of cloud computing doesn’t fundamentally change, which means cloud providers are responsible for securing the underlying infrastructure, while their customers are responsible for any personal data they put in the cloud.”
Now, by using RedLock Cloud 360, organizations can automate security compliance and provide comprehensive reporting to management and external auditors specifically for GDPR with just a few keystrokes. Just as RedLock Cloud 360 is renowned for offering a single view of existing and potential risks over the entire cloud environment, the compliance dashboard now provides a holistic, at-a-glance view of resources monitored for GDPR (and other standards as selected), and highlights the number of resources that pass and fail the applicable compliance standard. It also indicates a relative trend, in terms of whether the number of passes or fails is increasing or decreasing.
RedLock Cloud 360 also generates reports detailing the GDPR compliance posture, with summary and detailed findings of security and compliance risks in a given cloud environment. Overall, the RedLock GDPR Compliance Assurance report serves up:
- An executive summary of the results
- Visibility into the resources scanned in the accounts for the cloud environments specified
- A high-level view of how many resources passed the GDPR checks, and how many failed
- The specific GDPR chapter and articles that were violated