To satisfy the GDPR companies will need to track who had access to personal data, when, and why.
Access is controlled by Identity Management authorisations and access control, but the actual access to the data should be logged. Automatic Audit logging tracks user activities for any and all file events and enables extranal audit and/or subject access requests to be satisfied easily and effectively.
The File Fabric file event auditing enables companies to have complete audit logs for all file events across all corporate data sets. This can include why the document was shared, to whom, who shared the document, and the date and time of the share and access.
Many companies worry about how they are going to understand who had access to what data when users are working data from their desktops. As the File Fabric provides a desktop drive (often referred to as a user home drive) it can be used to facilitate access to documents, on-demand, whilst also auditing and recording the access. The drive can also expire the cache of such documents for security purposes (Privacy by Design and part of a companies best effort to secure data).
The File Fabric Audit event feature enables DPO’s to easily create reports on data access, data change, devices used etc. It is an enabler for companies to demonstrate proof of GDPR compliance and, in the event of a breech, quickly prepare information required for reporting bodies.
The File Fabric solution can also be configured to output logs in ‘syslog’ format to work with solutions such as Splunk or other log aggregators that may already being used to provide a GDPR Business Activity Monitoring Dashboard, or indeed the Audit service can be consumed as an event stream if required.