If at point blank we asked “the man in the street” what the GDPR is, we probably would not get answers. Let’s imagine then that this man is a little more informed than the average, and has read the newspapers or followed the news of the last weeks: the answer to that question would be in most cases “the GDPR is the law on the protection of personal data.
Of an answer like this, one could certainly be satisfied. In fact, some clarifications are useful to understand the innovative scope of the General Data Protection Regulation that started from May 25, 2018, throughout Europe.
Two essential and important points
The GDPR changes the scenario, updating the protection to the needs that emerged in the fifteen years from the issuing of the Privacy Code and therefore repealing the rules of the latter that are incompatible with the new Regulation.
And this is where the second and crucial aspect of GDPR emerges: the new approach to protection. The Privacy Code, in fact, has among its key points the concept of “minimum measures”: in practice, the owner of the data processing has a minimum level of rules to be respected in order to be up to standard. With the GDPR this concept disappears, to leave room for the “context”: the owner will be required to assess the context and risks to determine the security measures to be applied to the management of personal data.
The difference between the two approaches emerges clearly in terms of costs. The concept of “minimum measures” simply involves the evaluation of a cost of implementing the measures themselves; the idea of ”context”, on the other hand, also adds the costs of analysis, evaluation and management (documentation of the choices, control, periodic review). It is – as we explained in our guide Saying and doing the GDPR in 10 steps – of «a much more advanced design approach on which the skills of a system integrator, a reseller well rooted in the territory and capable of building relationships of trust with its customers can build important projects and value technological solutions “.
Analyze, evaluate, manage: the QNAP solution
QRM + is therefore based on this second approach (more precisely: QNAP Remote Manager Plus), the centralized management solution for network-connected devices.
This is the solution designed by QNAP that provides a single-point solution to detect, map, monitor and manage all the crucial devices (server / PC / Thin Client) present on the network, through a single interface and in a few moments.
The plus provided by QRM + in the protection of personal data – and therefore in compliance with the GDPR – is expressed in specific functionalities. After all, the GDPR is a tool of protection that however can do nothing against the evolution of cybercrime. The ransomware will not disappear; indeed, they will be increasingly technically efficient. Furthermore, data access control is expressly required by the new legislation.
The two features that help with these aspects are Disaster Recovery and Snapshot. The first is essential for defense against information attacks since it allows for extremely simple planning of additional backups and solutions to solve problems in the event of extreme events.
The second is instead functional to the access control mentioned above. The snapshots (snapshots) allow the Turbo NAS to record system status at any time. When an unexpected emergency occurs, you can restore the previous state registered by the snapshot.