Principles relating to processing of personal data
Article 5(1)(b)
Collect personal data only for specified purposes and do not process the data in any manner that is incompatible with the stated purpose(s).
ManageEngine solutions to help you comply:
DataSecurity Plus- Identify anomalous data access, collection, modification, and deletion.
- Send notifications to concerned authorities in case of anomalous activities.
- Leverage extensive records on access and transfer events involving sensitive information for auditing.
Article 5(1)(c)
Collect only adequate and relevant personal data that is limited to only what is required for the purposes of processing.
ManageEngine solutions to help you comply:
DataSecurity Plus- Find and delete junk data, including stale, duplicate, and orphaned files.
Article 5(1)(d)
Keep the collected/processed personal data accurate and updated at all times.
ManageEngine solutions to help you comply:
Endpoint Central- Schedule device scans to ensure the availability and integrity of personal data.
- Monitor and delete outdated or incorrect data.
- Audit databases to determine how long data has been stored, and delete personal data once the storage threshold is reached.
- Scan active browsers to ensure protection of personal data.
- Gather information on data subjects quickly for modification or deletion upon request.
Article 5(1)(f)
Process all forms of personal data with the utmost security and prevent unlawful or unauthorized means of processing.
ManageEngine solutions to help you comply:
Endpoint Central- Gain visibility into users or devices trying to access business services and data.
- Send alerts when unauthorized access attempts are made.
- Generate instant notifications whenever critical file changes happen.
- Audit all activities on systems that store personal data and changes to personal data itself.
- Warn data protection officers or security administrators whenever the integrity of personal data is compromised.
- Audit file and folder actions, and maintain an audit trail of file accesses. Trigger instant email alerts to admins on detecting suspicious file actions.
- Detect and contain ransomware infections instantly to prevent data loss.
- Detect and prevent the leakage of business-critical files via USB devices or email.
- Mask, remove, and retain PII while scheduling or exporting user reports.
- Limit data access to essential and relevant personnel based on security clearance and task-specific needs.
Article 5(2)
Demonstrate compliance with the GDPR's requirements as and when required.
ManageEngine solutions to help you comply:
ADManager Plus- Export reports in any file format and/or email them to stakeholders at specified intervals.
- Provide video recordings, custom reports, and audit logs on every privileged activity.