Compliance with the New
EU Data Protection Regulation

Take our 60-second compliance check to see if you are at risk of breaching the new Regulation.
Plus learn how to secure your data and avoid breaches.

One year to GDPR: Will you be ready?

This time next year, any company doing business in the EU will have to be in compliance with GDPR. Here's a look at where companies are falling behind, and how they can get on track.

Pros and Cons | What you need to know

EU Data Protection Regulation Whitepaper

Major data breaches are commonplace today, putting customers at risk of identity theft and financial loss, and businesses at risk of losing customer and investor loyalty, as well as regulatory fines. This whitepaper discusses what the new EU-wide Data Protection Regulation will mean to companies globally.

Securing your Data with Sophos Encryption

The new EU Regulation requires organizations to secure personal data. Encryption is the best way to do this. At Sophos we provide the most complete encryption solution available; securing data across multiple platforms and devices without slowing down your users.

SafeGuard Enterprise:
powerful encryption that
doesn’t slow you down

Sophos SafeGuard Enterprise Encryption provides the most complete encryption solution on the market today, protecting data on multiple devices and operating systems. In addition to providing unparalleled data protection, our encryption solution is built to match your organization’s workflow and processes, without slowing down productivity.

So whether your data is residing on a laptop, a mobile device, or being shared via email or through the cloud, it is always safely encrypted.

New EU Data Protection Regulation in a nutshell

The new Data Protection Regulation will apply one consistent set of requirements for all organizations that hold data on European citizens. The legislation is very broad and covers many aspects of personal data.

The Regulation applies to organizations within the EU and to those organizations outside of the EU that offer goods and services to, or monitor the behavior of EU citizens. In terms of personal data security, this means implementing appropriate security measures to protect the data.

Encryption is widely agreed to be the best security measure available as it renders the data unintelligible to unauthorized parties in cases of data loss.

Under the new legislation, if you suffer a breach of personal data you can incur fines of up to €20 million or 4% of annual worldwide turnover.

If you can show that the personal data was subject to technological protection measures rendering it unintelligible to unauthorized people (e.g. encryption), you don't need to notify affected data subjects of the breach.

If you can show that the personal data was encrypted the likelihood of being fined as a result of a breach should be very greatly reduced.

The regulation officially entered into force on 24th May 2016 and from this point EU countries have up to two years to implement the new requirements.

SafeGuard Enterprise also includes central management of Microsoft’s BitLocker and Apple’s FileVault, for simplified deployment and enterprise-level management. Plus your users can view and edit encrypted documents on their mobile devices, enabling secure collaboration from any location. It all adds up to an encryption offering that can’t be matched.

Learn more Try for free

Sophos SPX email encryption

Email is a common source of accidental data loss. You need an email encryption solution that automatically detects sensitive information leaving your organization by email, and either blocks it or encrypts it. Sophos SPX Encryption is the simplest, most effective way to secure your email. And it’s available today in Sophos UTM.

Learn more Try for free

Sample data protection policy

Having a clear data protection policy is a central pillar of effective data security for an organization. Use this Sophos example as the basis for your own policy.

Download sample data protection policy

"Data protection is important to us and Sophos encryption against loss or theft is invaluable to our business."

Markus Höfl, IT Infrastructure Consultant, Cirquent Consulting

This is not an exhaustive review of all elements of the Regulation, nor is it legal advice. Please consult your own legal experts if required.