Webroot and Data Privacy
As a security company, preserving internet users’ right to data privacy in a connected world is central to our mission. As a global business, we serve many customers within the European Union and Australia. In accordance, Webroot has taken a number of steps to comply with the EU’s General Data Protection Regulation (GDPR) and Australia’s Notifiable Data Breach (NDB) plan, including:
- Implementing appropriate technical and organizational measures to ensure we keep data secure
- Keeping detailed records of our processing activities
- Ensuring that cross-border transfers of personal data have safeguards in place to protect data subjects
- Committing to notify data controllers of any data breaches.
Learn more about Webroot’s privacy practices here, business customers can enter into our standard contractual clauses for export of personal data here, or contact our Data Protection Officer at firstname.lastname@example.org.
GDPR: A Compliance Checklist
Webroot can help you become compliant with various GDPR requirements, including implementing appropriate
technical safeguards to ensure a risk-appropriate level of security.
Data Loss: What can you do to stop the top causes of data loss?
- Have contingencies in place for lost or stolen devices, including the mobile devices with access to your network. Mobile internet security solutions that can lock or wipe devices remotely are ideal.
- Keep malware and ransomware off your devices with a comprehensive and up-to-date internet security solution.
- Educate users on the dangers of phishing and other social engineering attacks, which account for 93% of all successful data breaches, through security awareness training or anti-phishing protection.
Consider the Network: Stop Threats at Your Front Door
- Stop attacks that could compromise sensitive data at the network’s edge by leveraging a firewall and DNS layer protection.
- Automatically encrypt or block sensitive data in emails and consider rules and enforcement mechanisms for blocking access to risky or inappropriate sites that are more likely to harbor threats.
We’re All Human: Don’t forget about your first line of defense, your employees
- Raising awareness about the risks inherent in processing personal data is required by GDPR. Schedule ongoing training to keep security top of mind and to ensure your employees know how to handle sensitive personal data.