Meet GDPR Compliance with LepideAuditor

Meeting GDPR Compliance with LepideAuditor

Due to GDPR regulations, most organizations will find themselves needing to appoint a Data Protection Officer. However, all organisations, regardless of whether a DPA is in place, need to be able to prove their compliance with the complex regulations that will come into place. Information Technology sections of this regulation can be met by auditing the IT infrastructure. However, native auditing methods alone are not enough, as they can be both too time consuming and complex. LepideAuditor provides a single centralized console that enables you to audit multiple instances of Active Directory, Group Policy Objects, Exchange Server, SharePoint, SQL Server, Windows File Server, NetApp Filer, Office 365 and Dropbox. It also holds numerous specific reports that can help you meet aspects of GDPR compliance.

Over 5,000 Organizations Use LepideAuditor to Meet Regulatory Compliance Mandates

Chapter II – Article 5 (1) (f) – Principles Relating to Personal Data Processing

This section of GDPR focuses on the security of personal data from unauthorized access, unlawful processing and accidental deletion. Auditing accesses made to relevant files and folders and tracking the permissions of users is a requirement when implementing the security of digital data. LepideAuditor performs Historical Permission Analysis of Active Directory, Exchange Server and File Server. Current Permission Report displays all current effective permissions of users on shared files and folders in File Server. LepideAuditor also monitors all accesses made to data stored on File Server and mailboxes on Exchange Server.

Chapter II – Article 5 (2) – Principles Relating to Personal Data Processing

This section requires organizations to prove their compliance with section 5 (1). You can install and configure LepideAuditor to display adherence with these sections. LepideAuditor has numerous inbuilt pre-defined reports that show all changes in permissions and all accesses made to crucial data. The real-time alerts help you to take immediate action against unwanted changes or unauthorized accesses. Our solution also allows you to restore the state of Active Directory Objects and Group Policy Objects to restore the permissions of Active Directory users to their last known good state.

Chapter IV – Articles 24 (1) (Responsibility of the Controller) and 32 (2) (Security of Processing)

To comply with this section, organizations have to display that they are processing data as per GDPR requirements. As multiple server components deal with the personal data stored in files, folders and mailboxes, the entire IT infrastructure will need to be audited. Auditing each component separately using native methods is complex and messy. LepideAuditor provides a single console for auditing multiple instances of different server components.

Chapter IV – Article 24 (2) - Responsibility of the Controller

This section requires organizations to produce proof of compliance with article 24 (1). LepideAuditor keeps a long-term record of changes made in the configuration of server components, accesses made to the data and changes in permissions of users/objects. These records are displayed in predefined reports in text and graph formats, which can be saved as files on the disk or can be delivered through email at scheduled intervals. You can customize any of the Active Directory, Group Policy or File Server Modification Reports to create a customized report suited to your requirements. You can also create real-time alerts that can be sent as emails, as updates to Radar Tab and as notifications to the LepideAuditor App.

Chapter IV – Articles 25 (1) (Data Protection by Design and by Default) and 32 (1) (Security of Processing)

This section requires organizations to have proper mechanisms in place for the protection of data in the IT environment. Auditing of accesses made to data, user permissions and of user activities on the computers or servers will inevitably help you secure your data. You will gain full visibility into who is trying to log on to a critical computer, access a mailbox, read an important file or delete files. LepideAuditor audits all changes made in permissions, accesses made to data and user activities on the different computers and servers. Any unauthorized change or access is brought to the notice of intended recipients through email or push-notifications to the LepideAuditor App.

Chapter IV – Article 25 (2) – Data Protection by Design and by Default

This section requires organizations to maintain accesses made to data. Only authorized and relevant users should be able to access data. Organizations must implement access privileges in their IT environment and monitor accesses made to personal data. LepideAuditor audits user permission changes in Active Directory, Exchange Server, SharePoint, SQL Server, Windows File Server and NetApp Filers. It also monitors accesses made to data stored in File Server, SharePoint and SQL Server. Alerts in real-time are sent through email to selected recipients or through notifications to the LepideAuditor App once an unauthorized access or unwanted change in permission is detected.

Find out more about how Lepide can help you meet GDPR compliance with our full mapping guide

View PDF

Want to see the award-winning LepideAuditor in action? Schedule a Demo

❝
LepideAuditor is simple to install and setup and is an easy-to-use solution for auditing your IT environment.

Ahmed Nabil

❝
LepideAuditor takes the strain out of change auditing and regulatory compliance with one of the most comprehensive solutions on the market.

IT Security Guru

❝
It’s rare to find a solution which covers a such a wide range of auditing services, but ‘LepideAuditor’ is one of those rare exceptions.

Mahdi Tehrani

Active Directory Lead

❝
LepideAuditor is one of the most simple to use and feature-packed security suite for Microsoft-based environments. If you fear security breach, this is one of the most essential security perimeters.

Erik Blum

❝
LepideAuditor is an excellent audit solution. It gives IT teams complete information about what’s happening in the IT systems, the health of their servers and backup history.

Prajwal Desai

❝
The LepideAuditor is an invaluable toolset for any System Admin to audit Active Directory, Group Policy and Exchange server changes.

Marius Ene

❝
I really enjoyed the way LepideAuditor performs to audit the changes made to Active Directory and Group Policy Objects. I will certainly recommend it to anyone who is looking for an easy-to-use third party auditor.

Roman Nedzelský

❝
LepideAuditor is highly recommended as it not only meets all requirements for Active Directory and Group Policy change auditing but also it is easy and friendly to use.

Roberto Di Lello

❝
LepideAuditor is an excellent auditing solution. Some key features of the solution are compliance reports, health monitoring, alerts/notifications and the backup/restore functionality.

Mayank Dhama

IT Expert

❝
LepideAuditor honored as Gold winner in the 12th Annual 2016 Info Security PG’s Global Excellence Awards® in ‘Auditing’

❝
LepideAuditor is a solid product that will likely do a good job for anyone who wants to know what administrative actions are being taken in their organization.