There are places where you love to be and if they happen to be a position of leadership and position of service to a specific segment of customers, then nothing like that. Atempo, when it got acquired in 2012, was the leader in Archival for Indian / Bangladesh M&E with 9 installations much more than any other in the region with a healthy pipeline.

Next 4 years others created big ones and Atempo as part of ASG through Atempo India Team (now independent ITS technology solution Private Limited popularly known as itSimple) acquired few and retained all the earlier accounts. Then in 2017 End, Atempo got independent in wake of GDPR in India and others at the same time went into uncertainty. Atempo is back at BI 2018 where it used to be present consistently till 2013, powerful as a leader and no other significant competition in existence in Archival / large NAS backup space.

Atempo at Broadcast India Show 2018 is alive and kicking with unprecedented speed of backup / Archival (few GB/s to unlimited size) with integration with all kind of Penta-scale NAS (NetApp, Isilion, DDN, etc, providing integrity of data), through various kind of file systems (GPFS, Luster, storNext, etc), global implementations of 250+PB individual sites in M&E as well as HPC space.

Archival for media include-

• An extensive search of metadata,
• Proxy of Media files,
• True partial restore,
• Simple web integration in all workflows,
• Migration from other closed Archival through processes,
• Standard integration with virtually all MAMs.

Broadcast India Show 2018 witnessed all this with Atempo Asia Representative Mr. Benjimin Woo, who was present to welcome all the guests along with Mr. Kamal Gulati, Sachin Srivastava, Major Dawra & Lave Tyagi of itSimple team.

There was a daily lucky draw giving out One google Mini and 2 more gifts each day, which was won by visitors. 1000s of visitors grace the booth and Atempo / itsimple team look forward to being part of BI 2019 and similar Storage events.

The Name of Winners are-

Day 1-

1st Winner- Mr. Shaji Rajan (Sales Consultant-Storage), Hewlett Packard Enterprise.

2nd Winner- Mr.Jagadish Kavuturu (Sales Head), Boston.

3rd Winner- Mr. Akhilesh Mishra (Sales Executive), Arihant Informatics.

Day 2-

1st Winner- Mr. Indrajit Ghosh (Business Head), ILSD OmniDEL Multimedia Labs.

2nd Winner- Mr. Dhiren Desai, Decision Plus Systems Inc.

3rd Winner- Mr. Amar Nath (Content Provider), Sky Dreams.

Day 3-

1st Winner- Mr. Debby Francis Thomas (Regional Manager – Support), SRSG Broadcast (I) Pvt. Ltd.

2nd Winner- Mr. Aviral Deohans (Sales Manager, West India), Boston.

3rd Winner- Mr. Karunakar Reddy M, Netsat India Solutions.

For any Query regarding the Event or Large NAS Backup and Media Archival Solution, pls drop us a mail or fill up the contact form.

The post Atempo is back with Large NAS Backup Solution appeared first on ITSimple.

The economies across world are going through churning due to Technological Changes that have transformed the whole business paradigm in last several decades. It is being  predicted for quite long that Internet is going to change the world, and the information will be a key aspect of valuation & marketplace. And it is very evident today by way of organizations like Amazon, Facebook, Google, Alibaba being dominant in the market place.

Market Leaders and data-based dominance

If you see the fast rise to dominant place, one thing is clear, it has happened because of the way these organizations have utilized data as key currency. And Personal Information is soul of data.

• Google and Facebook have platforms that provide targeted marketing infrastructure to its customers. Google key offering has been online advertising (over Google and YouTube), but it has diversified to offering to provide software suites, cloud services, map & traffic services. For lot of services like Google Maps, crowd sourcing of data from users has played a key role.
• Amazon has not only become a market place offering its products and services, it has created an ecosystem offering products & services for which the underlying supply chain and logistics has been enabled by it only. Through this, it has taken on & beaten both traditional Brick & Mortar competitors like Walmart, and tech organizations like Google and Facebook despite being consistently low on profits.
• If one compares other media platforms, capturing user’s base & behaviour patterns data, most of them have already been acquired, LinkedIn by Microsoft, Instagram by Facebook. Few organizations like Twitter and Pinterest are still operating independently, though their only way of making money is through advertisements (Citation needed).
• Comparatively pure tech companies (IBM, HP, Dell, and likes) that don’t have general user penetration though at stable level, don’t have valuations like earlier ones.
• In few cases, an approach for valuation of user data based on market capitalization of organizations and corresponding user base has been used, which estimate the size of per user data to be around $120 per year on an average.

source: https://www.forbes.com/sites/tristanlouis/2013/08/31/how-much-is-a-user-worth/#6490c1891c51

Accelerating Factors

The following factors have impacted the pace of change:

• The relative ease with which information can be captured about end users (Social Media, electronic input on web / mobile, cross-validation (Auth2)
• Commerce possibilities among entities across the world have become easy with the push of a button. Digital payments, payment gateways, ACH / ECS, digital Signature, etc have further accelerated the pace.

(Bio-metric based authentication platforms provided by state bodies.)

• Location independence of processing that is taking place, and the ease with which data can be transported across the world.
• The emergence of big data and analytics that support faster and accurate decision making for commercial decisions.

Impacts on the end user

While these changes have helped end users to some extent, these have led to serious side-effects through significant exposure of user’s contents and behavior patterns to Corporate and State bodies and has a potential to impact them more seriously if not taken care of. To cite, look at a few of factors:

• Both general and sensitive data of world citizens is lying with Big Corporates, Government bodies, that if mis-utilized can lead to serious consequences. (This includes credit card summary, purchase transactions and related patterns etc.) Few organizations like Facebook are targeting the financial data of customers.
• Crowdsourcing of data has increased the possibility of a lot of personal data being made public with services like truecaller. Further, any breach into this data can have serious consequences. A security incident was reported by truecaller on 18-July-2013.
• Level of interference into citizens day to day life has increased significantly. (Unsolicited calls, behavioral retargeted marketing)
• In a number of cases, data inaccuracies lead to citizens being devoid of services in day to day life (financial rating, government services, Health facilities, devoid access to premises etc)
• Further level of commitment of providing organizations (both Private and Government) is not clear, leading to various scandals coming to lime-light across multiple timezones. (Facebook / Cambridge Analytica scandal, UIDAI data leakage in India ).
• Control of few leading nations over world economics. Though not talked openly, nations have apprehension over losing control or edge in world market by consolidation of user data with big corporates of select countries. Few leaders have already quoted as Big Data becoming such an important aspect, that nation states will fight over it. The example given above could be tip of iceberg

Data Protection Regimes

Nations across whole world are gearing up for creating an environment to provide protection and privacy to its citizen regarding their personal data. The need has been realized as early as around 1970s, and effort started gradually to provide privacy to citizens. The impact on such data has got significant with the proliferation of mobile technologies game casumo review.

The evolution has been gradual and following could be observed regarding laws:

• Several codes, standards and acts (laws) have evolved across nations for covering the privacy domain.
• Few regulations have emerged that are suggestive in nature and at some places prescriptive in nature.
• Few laws covered private entities, while several other were created for public & governance bodies.

While US has been traditionally on liberal side for Data Privacy regulations that leads to organizations (Data controllers, processors) being able to utilize the opportunity, EU has been at other end being tilted heavily towards citizens, with recent GDPR setting bench mark for expectations from Data Controllers & processors. . The  Personal Data Protection Bill introduced in India on 27^th July 2018 seem to strike a balance between US & Europe point of views.

We can expect significant changes due to ripples of new Privacy regulations getting introduced across world. Visit https://www.paydaynow.net/ to learn more on how you can invest in this field.

==============================================================

[1] https://www.forbes.com/sites/tristanlouis/2013/08/31/how-much-is-a-user-worth/#6490c1891c51

[2] https://en.wikipedia.org/wiki/OAuth#OAuth_2.0

[3] https://www.iol.co.za/saturday-star/news/facebook-now-after-users-financial-data-16560895

[4] https://en.wikipedia.org/wiki/Crowdsourcing

[5] https://en.wikipedia.org/wiki/Truecaller#Security_and_privacy_issues

[6] https://en.wikipedia.org/wiki/Behavioral_retargeting

[7] https://en.wikipedia.org/wiki/Facebook%E2%80%93Cambridge_Analytica_data_scandal

[8] http://www.iasparliament.com/blogs/pdf/leak-of-aadhaar-data

[9] https://www.businessinsider.in/alphabets-eric-schmidt-big-data-is-so-powerful-nation-states-will-fight-over-it/articleshow/57559460.cms

The post Emergence of Data Driven Organizations appeared first on ITSimple.

• Proactive compliance could build the reputation as 1st among competition to be trustworthy for citizens.
Or
• Big penalties could throw you out of business with the data breach.

Political parties cutting across the spectrum are debating this big time but seem to be keen to get this act fast. The government has already given the commitment to the Supreme Court for faster adoption of Privacy Law. 60+ major countries already have it. Write to dataprotection@itsimple.in for further information compliance.
Key Highlights in our understanding are :

1. Coverage of PI data
a. Covers any kind of personal data collected, disclosed, shared or otherwise processed within the territory of India Interpretation: Covers any person’s data that’s collected in India, including Indian, NRI, or Foreign person
b. Data Fiduciaries & Processors are covered (organization, communities or individual)

Read: 6 Benefits of Cloud backup Solutions for Small Business

2. Exceptions
a. Anonymised is the exception which allows digital economy & Big data, monetization of personal data.
b. PI used for Personal data
c. Small firms by definition ( <INR 25 Lakhs Annual Revenue or <100 PI in any day)
d. Crime / Investigations / Courts
e. Public Interest by Government / National Security
f. Small global org not in India but neither large scale nor capable to harm subjects.

3. What are Data Principal rights?
a. Confirmation / Access: Principal should be able to get confirmation about personal data with the fiduciary / processor. Should be able to get content of personal data.
b. Correction: Principal should be able to get mistakes & omissions fixed, get updates reflected in data.
c. Portability: Principal should be able to get data in the portable machine-readable format for usage by another Fiduciary.
d. sector-specific Standards could be added
e. Forget Data (balanced with interests of Fiduciaries / Processors): Fiduciary should provide the facility for discarding of data once consent is withdrawn in applicable cases.

Read: 7 Factors to consider while choosing a Cloud Backup Solution

4. What is the obligation of Data Fiduciary?
a. Fair and reasonable processing
b. Purpose Limitation: Data should be only used for the intended purpose and nothing else.
c. Collection Limitation: Only relevant data should be asked for from Principal.
d. Lawful Processing
e. Notice: All related information about capturing, processing, retention, usage of data in simple terms. Also, how to get data fixed, accessed, consent withdrawn, contacting appropriate authority in Fiduciary for request processing.
f. Data Quality: Fiduciary should ensure data completeness and correctness, updates at its end.
g. Data Storage Limitation / Retention Period: Data should be retained only for the required period, and should be discarded afterward.
h. Accountability: Organization should setup framework for ensuring all requirements laid down in the Data Privacy Act.

5. Breach
a. Breach of PI intimation to Principal is optional which is Data Protection Authority prerogative.
b. Need to be intimated only to DPA.
c. Conditions under which it should be only to DPA / otherwise to Principals also to be defined.

6. Data Localisation (Cross-border Flow)
a. Sensitive data to be kept only in India.
b. PI one copy in India.
c. Green signal by Central government needed for movement of Data outside India.

7. Impact on Aadhar:
a. Reporting to DPA for Breach, UIID answerable to DPA for breach reported by Principal sofar it was UIID or court,
b. UIID responsible for the collection, execution, Maintenance as well as breach, is like reporting to the same org for wrongdoing by itself.

8. Penalties (Financial & Civil) & Damages
a. 15 Cr or 4% of Global group turnover (Sensitive Data Breach).
b. 5 Cr or 2% Global Group Turnover (PI Breach) or
c. 5 Year / 3 years imprisonment to individual responsibility. Non Bailable and cognisable

9. Implementations for Fiduciaries & Processors (Organisations & Individuals):
a. DPO for Significant Fiduciary or Global fiduciary, SPOC for rest of fiduciary.
b. Internal Audit. Trust Scorecard for significant Fiduciary.
c. PI identification & Flow,
d. Privacy Objective,
e. Consent Framework,
f. Processes,
g. Internal training,
h. Audits,
i. Incident Management & reporting.

10. DPA / Appellate Tribunal / Supreme Court in that order for Grievances Redressal by principal.

11. Major Difference as compared to other Data Protection Acts

a. Financial Data such as that found in gadcapital.com loans & Passwords in Sensitive data is included no other Data protection law has it.
b. Localisation Copy to remain in India, none as stringent (apart from China) though this could be allowed by Central Government
c. Right to be forgotten This could be refused by Fiduciary / Processor if this violates freedom of speech or practically not feasible.

The post Data Protection Bill of India appeared first on ITSimple.

GDPR (General Data Protection Regulation) is now active in Majority of developed countries with tough fines (4% of Global Turnover & Euro20M) for the offenders. In India a Personal Data Protection Bill has been submitted on 27^th July 2018 and is in the process of debate & adoption.

Explosion of the online Apps and consumer preference to online buying has made the Personal Data of citizens and behavior pattern available to providers. Lot of times, as individual data passes through various channels in such cases, it has led to Individual Data being shared or leaked for commercial reasons. In a recent event, a huge fall was observed in Facebook market cap (approx. $ 120 Billion) because of data privacy laws, which resulted in new security expenses (which means possibly earlier it was not safe) by their own admission.

itSimple

itSimple has been part of multiple discussions at various forums on GDPR / Data Protection Laws & will like to highlight the impact of the GDPR as well as new regulation in India (once in force). In this and subsequent blogs, we shall be sharing the industry wise impact on various sectors starting with the Hospitality Industry (Photo).

Read : Getting Ready for GDPR Compliance in 2018

Hospitality

India is one of the major hubs for the Hospitality. The sector’s total contribution to GDP stood at US$ 208.9 billion (9.6 percent of GDP) in 2016 and (US$ 424.5 billion), 10 percent of GDP in 2027.

GDPR / Data Protections Laws are being adopted by all the leading Hotels across the globe. The reasons why hospitality is one of the most impacted by the Data Protection Acts are:

1. Hospitality Industry focus on HNI & well to do individuals/ organizations, these citizens are most paranoid about privacy
2. Hotels have far too many touch points regarding Personal Information (food habits, daily routine, clothing, favorite entertainments, brand choice etc.)
3. GDPR is applicable to any organization across the globe that stores or processes European Resident data
4. European citizens have business relations across globe.
5. One Data Breach is enough to sabotage organization reputation, and especially loss of business
6. Any decent size hotel has many vendors and lot of individual service providers.
7. Hotels need the “ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident”. It means they need well designed data protection solution including Backup / Archival solutions and it is required critically across 24×7.

To-do list for all the hotels –

All the leading hotels need to align with the GDPR rules, and sooner or later all the other countries will also follow with their own rulings. So, it is crucial for hotels to create their internal privacy organization and GAD to rebuild.

1. Visibility Mapping of Personal Information (PI)
2. For ensuring a structured methodology execution for change implementation, following steps are suggested:
   1. Privacy Organization structure in company
   2. Privacy Objective,
   3. Policies, Processes,
   4. Internal audits,
   5. Regulatory Compliance Intelligence,
   6. contract management,
   7. Purpose bound usage & Access to Personal Information,
   8. Incident management system
   9. Train of staff about the regulation and its importance
3. Customer Handling
   1. Before soliciting any information from guest take their consent and inform them why the data is needed and what will it be used for?
   2. If a guest request to delete, modify or not provide the data (which is not required by law), honor them as they have the “right to be forgotten” & “Ask back their data”. Hence, it’s the responsibility of hotel people to add some flavors in their hospitality.
   3. Exhaustive Consent framework from in Booking / Check-in forms, from Implicit “take it or leave it” to Explicit “Legal, Notice, Choice and Consent” & “purpose limitation”
   4. Framework for “Ask the data Back”, “Right to be forgotten” for part of personal data.
4. Vendors
   1. Vendors who are getting PI to be “GDPR Ready”
5. IT System
   1. Have a comprehensive approach to data protection including data safety, security, protection, retrieval, disposal and discarding aspects.
   2. To ensure the Backup / Archival, Data Leakage Prevention systems are up-to-date

Read : Indian IT Companies are not ready for GDPR Compliance 2018

Generic Methodology for getting organization ready for GDPR compliance.

1. Introduction to Sponsors / Top Management
2. Mapping of PI
3. Information Life Cycle and flow mapping, each one GDPR compliant.
4. Privacy Organization set up
5. Purpose, Goals & Structure
6. Ecosystem and function mapping
7. Privacy Policies & Processes
8. The mechanism for Regulatory Compliance & Intelligence
9. Managing Contracts
10. Purpose bound usage and access
11. Incident Management System
12. Security
13. Data-centric
14. Privacy by design
15. Backup / Archival / Data Availability, 3 safe / secure copies
16. Training & Awareness

The post GDPR | Data Protection Acts for Hotels appeared first on ITSimple.

European Union GDPR is one of the most talked-about data protection law that came into force on 25th May 2018. It can effect on any business that holds data on European citizens.

GDPR Compliance requires businesses and IT Companies to protect the personal data and spell out how they manage and share personal data. Non-compliance with GDPR regulations or potential damages of breach of privacy of user data from EU would cost huge financial penalties to the IT Companies, 4% of global turnover or Up to €20 million.

There are various implications with data backup on GDPR, and Backup and disaster recovery system is major aspect of compliances. To comply with GDPR 2018, business must follows the rules. You will need a reliable data backup solution to manage and safeguard your backups using professional tools tailored to company needs. The data backup solution can play a vital role in getting you safely through a GDPR audit.

The aspects of GDPR Compliance that data backup cover for the organization include:

1. Managed Data Backup:

Data backup and recovery system is coming with serious implication on GDPR. Having this can save your 30-40% chance of being penalized. You need to protect the data you are holding, otherwise organization can face heavy fine.

1. Ensuring the ability to restore the availability and access to the personal data.
2. Effective system to measure the security of processing.
3. Ensuring the security of processing also.
4. Centralized control of Data

Under GDPR rules, it is now going to be important for organizations to back up the data, isolate backed up data, locate data, and ensure that the data is ready for disaster. The itSimple backup solution takes care of it through:

1. Centralized control of all type of computer in local and remote location
2. Catalogue of backup
3. Copy of protected data for disaster readiness even at remote location.
4. Through backup catalogue, you can control the order in which backups are removed for availability of space without affecting the retention control.

3. Security of Data

For GDPR Compliance 2018, Data should be encrypted and accessible only to those who have specifically defined access rights. This means user access needs to be tightly controlled for both backup and restoration operations. A reliable backup Solution ensure security of Data in backup and in transit through:

1. Encryption of backup
2. Breaking of data in small blocks

Besides this it must be ensured about the security system to deal with data breaches. If the system is reporting with any type of cyber alert or data breaches, it must be taken care of within 24 hrs

4. Storage of Data

To ensure data protection, it is important to manage data storage media. Through retention control feature in backup, you can keep the data till the time it is required.

You can manage backup sets with short-term retention on disk and long-term on tape or public clouds.

5. Are you planning to outsource the data backup:

This may be good option if you don’t have such system and dealing with EU citizen  data, you can outsource your data backup and recovery system. But be sure about that party is following the GDPR Compliances.

If you have any query about data backup and GDPR compliance, feel free to contact itSimple at +91-120-4155477 or send an email on sales@itsimple.in.

The post Data Backup Solution for GDPR Compliance appeared first on ITSimple.

With 2.2 billion users, Facebook is on the top of social networking sites. But also Facebook is first on data and privacy leakages. When the Facebook is in under recovery of Cambridge Analytica scandal, in which A data mining from which is also affiliated with trump, got access to the personal data of approx. 87 million users of Facebook, Erin Egan, Facebook chief privacy officer announced about a bug which was active from 18 May to 27 may.

This bug affects approx. 14 million users out of 2.2 billion users of largest Social Giant.

About The Bug

Facebook said a software bug led some users to post publicly by default regardless of their previous settings.

It said the bug automatically suggested that users make new posts public, even if they had previously restricted posts to “friends only” or another private setting. If users did not notice the new default suggestion, they unwittingly sent their post to a broader audience than they had intended.

Jonathan Mayer, a professor of computer science and public affairs at Princeton University, said on Twitter that this latest privacy gaffe “looks like a viable Federal Trade Commission/state attorney general deception case. “ as the company has promised about most recent privacy settings will be applicable on future post.

Even if the bug was an accident on Facebook’s part, Mayer said in an email that the FTC can bring enforcement action for privacy mistakes.

The company is saying that this was happened accidently when Facebook is trying to build a new way for people to share the featured items on profiles, including photo albums and posts. Accidently, they made the posts public for all suggested audience.

But by any means, surely peoples posts and albums got public even they don’t want to public it and does not want the same.

These are the consequences of data and its users. We are in digital data age, and Facebook is just an example for such data privacy consequences, there are much more apps and services we are using in our day to day life to simplify the needs.

ItSimple backup solutions is concerned with GDPR and its effects, and have detailed discussion an event conducted by Assocham on 11th May 2018.

The post Latest privacy scandal for the world’s largest social media company appeared first on ITSimple.

IT Companies need to take actions to comply with GDPR as ignorance can cost huge financial penalties up to €20million or 4% of annual revenue. Getting your organization ready for GDPR compliance would help you to present yourself as ethical, trustworthy and responsible. You need to get prepared before it too late!

In view of the above to discuss and deliberate upon the various issues and structuring an Indian Data Protection Framework, ASSOCHAM is organizing this Global Summit on “Data Protection, Privacy, and Security, Implications for India” on 11th May 2018 at Hotel Le-Meridien, New Delhi.

itSimple is proud to be the Gold Partner and the Speaker on GDPR for the event.

Discussion Areas & Highlights

• GDPR – Not What, or Why; but How?
• Data and Privacy Management in the New Corporate India
• Potential Harms to Individuals and Corporate Data.
• Digital Data Revolution and Digital Payment
• India Data Protection Framework
• Legal and Ethical issues in Disruptive Technologies
• Security & Privacy Issues and Challenges in the emerging business models

We request you to Save your date for the entire day and confirm back such that we could workout for your exclusive delegate Pass and free membership for the event.

Date: 11th May 2018
Time: 10:00 AM TO 6:00 PM
Venue: Le-Meridien Hotel, New Delhi
Call Now: +91-120-4155477
Email: sales@itsimple.in

The post ASSOCHAM to organize Global Summit on Data Protection on 11th May 2018 appeared first on ITSimple.

When asked about privacy concerns, he has come out openly saying “Aadhaar in itself doesn’t pose any privacy issue because it’s just a bio ID verification scheme. The individual applications that use Aadhaar, you have to look and see what’s been stored and who has access to that information. And so, application by application, you have to make sure that’s well-managed. In the case of the financial bank account, I think it’s handled very well.”

Bill said that the bio-ID verification programme has multiple benefits and The Bill and Melinda Gates Foundation has funded the World Bank to emulate this Aadhaar-like system in other countries as it is worth emulating.

Nandan Nilekani, the 62-year-old multi-billionaire entrepreneur, philanthropist, and co-founder of tech giant Infosys, who is considered as the chief architect of Aadhaar, is helping the World Bank carry out this level of project in other countries.

Not only that, he also appreciated Prime Minister Narendra Modi for fully “embracing” the scheme, which was initiated before PM came into office.

The post Aadhaar doesn’t pose any privacy issue, says Bill Gates supporting Aadhaar Scheme appeared first on ITSimple.

According to the European Commission, “personal data is any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a home address, a photo, an email address, bank details, posts on social networking websites, medical information or a computer’s IP address.”

GDPR requires businesses and IT Companies to protect the personal data and spell out how they manage and share personal data. Non-compliance with GDPR regulations would cost huge financial penalties to the IT Companies, about 4% of an organization’s annual earnings.

Let’s look at the important security features in Windows Server 2016 that can help with GDPR compliance and protect organizations from a data breach.

Just Enough Administration and Just in Time Administration

While protecting and isolating credentials as much as possible, administrator credentials can be stolen by attacks, social engineering, brute force cracking and disgruntled employees. Therefore, there should be a way to limit the reach of administrator-level privileges in case they are compromised.

Windows Server 2016 introduces Just Enough Admin and Just-In-Time Admin options that allow organizations to only give administration credentials for a limited time with limited permissions.

Just Enough Administration in Windows Server 2016 allows you to give limited privileges and access to only those tools that are needed to perform specific administrative tasks.

Just-In-Time Administration allows you to assign users to privileged groups for a limited time frame and users are removed from privileged groups after a limited duration. This technology is known as Privileged Access Management.

The IT division can upload an extra layer of safety by way of configuring Windows to validate the administrator’s identification via multifactor authentication ahead of the request is granted.

Windows Defender Credential Guard and Windows Defender Remote Credential Guard

There are other important security features in Windows Server 2016 that can help with GDPR Compliance, Windows Defender Credential Guard and Windows Defender Remote Credential Guard.

Windows Defender Credential Guard uses a hypervisor to isolate authentication credentials to restrict access to privileged system software and to prevent Pass-the-Hash or Pass-the-Ticket attacks by making them completely ineffective.

Windows Defender Credential Guard uses:

1. Virtualization-based security

• 64-bit CPU
• CPU virtualization extensions, plus extended page tables
• Windows hypervisor

2. Secure boot (required)
3. TPM 2.0 either discrete or firmware (preferred – provides binding to hardware)

Windows Defender Remote Credential Guard protects the credentials used for remote desktop sessions. Previously, Users with remote desktop connections would have to log on twice in which the second login exposes credentials to Pass-the-Hash or Pass-the-ticket attacks. Windows Defender Remote Credential Guard in Windows Server 2016 implements single sign-on for Remote Desktop sessions and eliminate the requirement to re-enter the logon credentials.

Protecting infrastructure and applications

Windows Defender Device Guard

While protecting credentials is important, it also requires blocking malware and external attackers running malicious software. Windows Defender Device Guard is an application whitelisting tool in Windows Server 2016 to ensure that only trusted software run on the server. With windows defender device guard, admin can specify and limit which binaries can run on the system to prevent cyber threats by blocking malware attacks, malicious software or exploiting vulnerabilities.

Enhanced security auditing

Windows Server’s Enhanced Security Auditing capabilities is useful for GDPR Compliance. Microsoft updated security auditing that provides more detailed information for faster attack detection and alerts administrators to potential breach attempts.

The detailed security information provided by the enhanced auditing enables two new types of auditing, Audit Group Membership and Audit PnP Activity. Group Membership Auditing helps to audit the group membership information in a user’s login session and PnP auditing helps admins detects an external device which could contain malware.

The post How does Windows Server 2016 help with GDPR Compliance? appeared first on ITSimple.

At NAB 2018, Atempo is exhibiting its innovations with the latest version of Atempo Digital Archive (v4.0).  The new features in the Atempo Digital Archive V4.0 includes:

• Very large storage synchronization and migration capacities,
• Dedicated backup features for massive unstructured data sets which enable the protection of a very high number of small files and/or very large files,
• Rapid detection of new, modified, deleted files (FastScan technology),
• The creation for all storage types of “remote” SnapShots stored on less expensive disk arrays,
• The capacity to restore any version of a remote Snapshot,
• In the event of a major incident on the production storage, you can exploit your data directly from the backup platform (SnapStor),
• Once the damaged storage is up and running again, you can progressively reconstruct your primary storage from the backup.

Atempo’s expertise to backup, move and store significant data volumes is recognized worldwide by a number of multimedia references, film studios and postproduction facilities. “Le Labo” in Paris uses Atempo Digital Archive on a daily basis to store and share large data volumes between many film and TV editing workstations.

For more details on Atempo’s M&E solutions:

• https://www.atempo.com/en/solutions/petascale-nas-and-gpfs-backups/
• https://www.atempo.com/en/solutions/storage-and-file-synchronization/
• https://www.atempo.com/en/solutions/nas-storage-migration/

The post Atempo to exhibit Atempo Digital Archive V4.0 at NAB Show 2018 appeared first on ITSimple.