How does Data Cuckoo help with GDPR compliance?

The EU General Data Protection Regulation (GDPR) comes into force on 25 May 2018. GDPR compliance is especially challenging for small or medium sized companies as they generally lack the skills or budget to embark upon wide-ranging IT purchases or restructuring.

Data Cuckoo has been developed after years of working with small and medium sized businesses. We know that many of these companies are being run from spare rooms, garages, home offices or out of enterprise zones and modest offices. These businesses are the backbone of most economies, yet it is incredibly common to find a domestic internet connection and an inexpensive or aging router - often one that was bundled for free with the internet connection - attempting to protect this entire business network from today's online threats.

If this is you, no doubt one particular requirement of the GDPR is especially challenging:

"You should ensure you have robust personal data breach detection, investigation and internal reporting procedures in place..."

Domestic internet connections and routers are completely oblivious to the idea of data leaks and breaches - they have no facilities to detect, prevent or report if someone is trying to gain access to your network, or if someone is taking a copy of your private information.

However, to protect the public, the penalties for not detecting and reporting these leaks of data (“personal data breaches” in the language of the GDPR) are especially punishing:

"You must report a notifiable breach without undue delay, but not later than 72 hours after becoming aware of it. If a third party discovers a data breach and goes public with it before you report it it could lead to a maximum fine of 2% of global annual turnover or €10 million, whichever is greater."

Of course, you don’t only have to protect your office: when you travel with a laptop or phone you are often at increased risk of losing customer or corporate data - and then there’s your website, often with a database of its own... where do you begin?

Data Cuckoo was designed to take a new approach to data leak detection. Instead of expensive and complex security hardware attempting to keep the malicious out, Data Cuckoo works to constantly scan the internet for any evidence of a data leak of your customer or corporate data having occurred - however it was caused and regardless of source.

What about Brexit?

We know that the GDPR contains multiple awkward challenges, and that some UK businesses are hoping Brexit will nullify these rules. However, the UK Government has made it clear, while plans for Brexit continue to progress, that GDPR will become part of UK law from 25 May 2018, and equivalent data protection requirements will remain in force once the UK has exited the European Union. This is necessary to ensure consistency throughout Europe, where the UK Government has expressed wishes to retain strong trading links.

What if I’m not in Europe?

GDPR also applies to organisations who interact with citizens of other EU countries, so GDPR’s requirements will need to be understood and complied with if you have any customers in Europe. We believe Data Cuckoo contributes to achieving this.