
GDPR – What Can I Do?

05.12.2017

Advice

The introduction of the GDPR, the General Data Protection Regulation, is proceeding at full speed, and the date it comes into full force is not far away, so the question of what to do to ensure conformity with its requirements is becoming more and more topical.

This time we will focus on the options that every company storing its files on the MS Windows Server platform already has, and on those that can be put to use with a small amount of work.

Step one – Identifying Data

First, to understand whether your company needs to worry about complying with the GDPR, you must identify the systems and data that the regulation applies to. How can that be done? If you are using Windows Server File Services, you can do it with the built-in tools of Windows Server; there is no need to buy or install additional software to find the files that contain the data of natural persons.

Step two – Windows Server File Classification

For example, you could use the Windows Server File Classification functionality, which can identify all files containing, say, personal numbers, by matching file content against criteria (expressions) that you define.

All you need to do is configure the file server to:

  • recognize the old personal numbers as xxxxxx-xxxxx (six digits, hyphen, five digits);
  • recognize the new personal numbers as 32xxxxxxxxx (32, followed by nine digits).

Step three – File Classification Rule

After we have configured what personal numbers look like, we create a file classification rule that reviews all files on a pre-created schedule and marks whether they contain personal numbers. If such information is found in a file, the file is marked with a corresponding property.

This can be seen in the configuration of each file:
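Steps two and three can also be scripted. The following is an added example, not part of the original article: it checks one regular expression covering both formats against constructed sample strings, then creates the property, rule and schedule with the FSRM PowerShell cmdlets. The property name, share path, schedule and the boundary handling in the expression are assumptions.

```powershell
# Added example: names, path, schedule and sample strings are assumptions.
$PropertyName = 'ContainsPersonalNumber'   # hypothetical property name
$ScanPath     = 'D:\Shares'                # hypothetical share root

# Old format: six digits, hyphen, five digits. New format: 32 plus nine digits.
# The lookarounds keep the pattern from matching inside longer digit runs
# (phone numbers, account numbers), which would inflate the report.
$Pattern = '(?<![\d-])(?:\d{6}-\d{5}|32\d{9})(?![\d-])'

# Constructed samples; $true means the file should be tagged.
$Samples = [ordered]@{
    'Personal no. 010190-12345, issued 2015' = $true
    'New code: 32123456789.'                 = $true
    'Invoice 0101901-123456'                 = $false  # extra digits on both sides
    'Account 99321234567890'                 = $false  # 32... inside a longer number
    'Tel. 32123456'                          = $false  # too short
}
foreach ($Text in $Samples.Keys) {
    if ([regex]::IsMatch($Text, $Pattern) -ne $Samples[$Text]) {
        throw "Pattern gives the wrong result for: $Text"
    }
}

# From here on the File Server Resource Manager role is required.
New-FsrmClassificationPropertyDefinition -Name $PropertyName -Type YesNo

# Content Classifier rule; Min=1 tags a file on the first match.
# '1' is assumed to be the stored value for "Yes" on a Yes/No property.
New-FsrmClassificationRule -Name 'Find personal numbers' `
    -Property $PropertyName -PropertyValue '1' `
    -Namespace @($ScanPath) `
    -ClassificationMechanism 'Content Classifier' `
    -Parameters @("RegularExpressionEx=Min=1;Expr=$Pattern") `
    -ReevaluateProperty Overwrite

# Pre-created schedule: every Sunday at 02:00.
$Task = New-FsrmScheduledTask -Time (Get-Date '02:00') -Weekly Sunday
Set-FsrmClassification -Schedule $Task

# Optional: classify now instead of waiting for the schedule.
Start-FsrmClassification
```

Running the sample check first means a pattern that is too loose or too strict fails on the workstation rather than after a full classification pass over the file server.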

Step four – A List Featuring All Files

Once file classification is done, you can use the overviews and reports already available on the file server to create a list of all files that contain personal numbers. The picture below shows a fragment of a report listing documents that contain personal numbers:

And that’s not all! :)

If you are using Active Directory RMS or Azure RMS (Rights Management Services), the classified files can automatically be given RMS protection, ensuring that the files can only be accessed by users with the respective permissions, so that even in case of a data leak the evil-doer will not be able to open said files. All you need to do is use a suitable RMS template and encrypt these files using automatic tasks.

We have also created a video lesson showing how to classify files.