GDPR states that the institutions must obtain explicit consent from individuals before collecting their personal data and keep these data strictly confidential. It makes institutions obligated to take technical precautions for the reasons below: Examining data access and flow on the network infrastructure Detecting data violations within 72 hours after they occur. Conducting appropriate post-violation activities such as creating incident report or automatically eliminating a violation.
Detection process of unauthorized access begins with Logsign SIEM correlation techniques by using authentication source logs.
The user is labeled as Attacker after a behavioral analysis is conducted with correlation.
After the attacker begins the unauthorized access activity, logs are enriched by conducting behavioral analysis with the logs received from sources. Attacker’s activities are correlated and shown on relevant dashboard panels.
Activities and relevant alerts are sent to IT managers via SMS / E-mail to warn them.