How Software Solutions Can Help

            Software solutions and automation can help with these steps, including Data Access Governance (DAG)
            software to locate personal information, remediate stale data, and resolve overprovisioned access, as
            well  as  Privileged  Access  Management  (PAM)  software  to  enable  secure,  task-based  administrative
            access delivered just-in-time and with just-enough privilege.



            Moving Forward Without Privacy Shield

            A joint statement between the U.S. Secretary of Commerce and the EU Commissioner for Justice was
            released on August 10th, stating the two sides are working towards a new agreement.

            “The European Union and the United States recognize the vital importance of data protection and the
            significance of cross-border data transfers to our citizens and economies. We share a commitment to
            privacy and the rule of law, and to further deepening our economic relationship, and have collaborated
            on these matters for several decades.”

            This statement doesn’t offer any specifics, and until more details are released organizations shouldn’t
            assume a new Privacy Shield is coming soon. Even if a new framework gets put in place, unless there’s
            drastic changes to how the U.S. government treats data privacy then it’s likely the new agreement will
            get struck down by the same EU court.

            In the meantime, organizations that need to keep the flow of data open between the EU and U.S. will
            need to utilize either Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCRs).


            This is an unfortunate reality, but things can only improve once the U.S. government starts to take data
            privacy more seriously. State-level laws, such as the California Consumer Privacy Act (CCPA) and New
            York SHIELD Act, are steps in the right direction. However, it’s clear the U.S. needs federal data privacy
            regulations on par with the EU’S GDPR. Until then, arranging a successor to Privacy Shield, and more
            importantly making it stick, remains a challenge.



            About the Author

            Dan  Piazza  is  a  Technical  Product  Manager  at  Stealthbits
            Technologies, responsible for File Systems and Sensitive Data in
            their  Data  Access  Governance  solution,  StealthAUDIT.  He’s
            worked  in  technical  roles  since  2013,  with  a  passion  for
            cybersecurity,  data  protection,  storage,  and  automation.
            Stealthbits  is  a  cybersecurity  software  company  focused  on
            protecting  sensitive  data  and  the  credentials  attackers  use  to
            steal that data.

            Dan can be reached online at linkedin.com/in/danieljpiazza and
            at our company website https://www.stealthbits.com/




            Cyber Defense eMagazine – September 2020 Edition                                                                                                                                                                                                         113
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.