USM Anywhere is GDPR Ready

May 30, 2018 | John McLeod
X

Get the latest security news in your inbox.

Subscribe via Email

No thanks. Close this now.

I am pleased to announce that USM Anywhere and USM Central comply with the European Union General Data Protection Regulation (GDPR), as successfully assessed by a third party. This means that AlienVault customers can be assured of a solution that not only helps to accelerate their own GDPR efforts but also fully meets the standards of data processors as required by the GDPR.

During our third party assessment, we worked closely with our auditors to ensure that USM Anywhere and USM Central have the proper legal, technical and organizational security controls in place to securely process, handle, and store our customers’ security data, including personal data, securely and in accordance with the GDPR. We completed this assessment with Coalfire, a trusted cybersecurity advisory services provider.

This marks the fifth major compliance audit that AlienVault has successfully completed in the past year, reinforcing our ongoing commitment to maintaining a secure cloud environment for our customers. AlienVault USM Anywhere previously earned compliance certifications for PCI DSS, SOC 2 Type 2, ISO 27001:2013 for the ISMS that governs AlienVault USM Anywhere and USM Central, and an attestation of HIPAA compliance. Our own internal security and compliance teams use USM Anywhere to earn these distinctions and to maintain our own continuous compliance, giving proof to the platform’s ability to accelerate and simplify compliance efforts.

In fact, Forrester determined that USM Anywhere can help organizations to reduce their time spent on compliance efforts by 94%, as stated in a recent Total Economic Impact Report of AlienVault USM. Here are a few ways in which AlienVault USM helps to accelerate and simplify your compliance efforts.

It combines multiple security controls in one unified platform.

USM Anywhere delivers various security technologies needed to help demonstrate compliance against today’s most challenging regulatory standards and to continuously monitor your cloud and on-premises IT environment—all in a single pane of glass. It combines asset discovery, vulnerability assessment, intrusion detection, behavioral monitoring, orchestrated incident response, SIEM, log management, compliance reporting, continuous threat intelligence updates, and more. So, if you have an upcoming compliance audit, USM Anywhere is an easy-to-use solution that will assist in your compliance efforts. 

It delivers pre-built compliance reporting templates out of the box.

AlienVault USM Anywhere includes a vast library predefined reports for PCI DSS, HIPAA, ISO 27001, and NIST CSF, helping you to accelerate your compliance process and be ready faster for your next audit. Because the USM platform gives you centralized visibility of all your cloud and on-premises assets, vulnerabilities, threats, and log data from your firewalls and other security tools, you always have the most complete and contextual data set at your fingertips, whether to satisfy an auditor’s request or to simply make your regular monitoring and reporting activities easier.

We securely store your logs in our compliance-certified cloud environment.

With AlienVault USM Anywhere, you can eliminate the burden of having to store and secure your logs on premises.  Instead, your logs are stored securely in the AlienVault Secure Cloud, which is certified as compliant to widely-accepted compliance standards, as mentioned above. So, you can rely on our secure log storage as you pursue your own certification efforts.

AlienVault as a Data Processor under the GDPR

As part of our efforts to comply with the GDPR and to help you to demonstrate your own compliance, we have compiled a Data Processing Addendum (DPA) that provides our customers and partners with a documented summary of the policies and processes we have established to ensure GDPR compliance.  This DPA is designed to be mutually executed by AlienVault and our customers. You can request a signed version here or send us yours for signature. Contact us at [email protected] with any questions.

We have also updated our privacy policy to ensure it clearly communicates how we collect user data and for what purposes in accordance with GDPR. You can access the updated privacy policy here.

Additional GDPR Resources

For more resources on GDPR and how to use USM Anywhere for your own compliance efforts, please visit our resource center where you can find many helpful webcasts, solution briefs and whitepapers. Check them out here.

John McLeod

About the Author: John McLeod, AlienVault
John is the CISO at AlienVault, responsible for cyber security in the enterprise and our products. John is a former Air Force Special Agent with over 20 years of experience in information security including but not limited to criminal, counter-intelligence, fraud and computer crime investigations. Prior to joining Alienvault, he served as the Director of Information security for National Oilwell Varco. His experience includes management roles for Halliburton, Mandiant, Guidance Software, and Mantech International. The US Intelligence community recognized him for his work in steganography. As a consultant, he responded to some of the highly publicized cyber-attacks, including: Moonlight Maze, Titian Rain, Night Dragon, TJX and Operation Aurora. He holds a B.S. in Information Systems Management from the University of Maryland University College, and M.S. in Network Security from Capitol College in Maryland. Additionally, he is a Certified Information Systems Security Professional (CISSP).
Read more posts from John McLeod ›

‹ BACK TO ALL BLOGS

Watch a Demo ›
GET PRICE FREE TRIAL