Welcome!

News Feed Item

OneTrust Joins Cloud Security Alliance to Simplify Vendor Risk Management for GDPR Compliance

Announced at RSA USA Conference, Partnership Simplifies GDPR Requirements into Organizations' Existing CSA Framework

Also at RSA USA, Cyber Defense Magazine Awarded OneTrust with Two InfoSec Awards

SAN FRANCISCO, April 16, 2018 /PRNewswire/ -- Today at RSA USA Conference, OneTrust, a global leader in enterprise privacy management software that supports compliance with data privacy regulations, announced it joined the Cloud Security Alliance (CSA), the world's leader in secure cloud computing best practices. Additionally, Cyber Defense Magazine announced OneTrust earned two top InfoSec Awards for Privacy Management Software and Privacy Expert of the Year.

As a CSA partner, OneTrust streamlines Vendor Risk Management by incorporating General Data Protection Regulation (GDPR) requirements for third-party vendor assessments into an organization's pre-existing CSA assessment framework. In conjunction, OneTrust announced a first-of-its-kind cloud vendor assessment framework to audit the security controls and privacy program maturity of third-party vendors. The framework assesses third-party vendors to help them meet both the requirements of the General Data Protection Regulation (GDPR) and the necessary cloud vendor security controls as outlined by the CSA.

Leveraging third-party cloud service providers is critical to business operations, and many organizations utilize CSA assessment frameworks when evaluating the security risk of vendors. This assessment process will become increasingly complex as cloud vendors take on the role of processors under GDPR, making them accountable for a variety of new data protection obligations. 

As part of CSA, OneTrust's template library is extended to include CSA-approved security assessments for vendors. Available in the OneTrust template library, OneTrust customers can now utilize the comprehensive GDPR compliance and CSA vendor security template, which combines both OneTrust and CSA best practices.

"OneTrust's mission is to help organizations simplify their privacy programs and achieve regulatory compliance," said Blake Brannon, Vice President of Products, OneTrust. "Our integrations with CSA's framework and assessments helps us further this mission and provide streamlined templates for vendor risk management and cloud security compliance."

"We're excited to welcome OneTrust to the Cloud Security Alliance," said Jim Reavis, CEO, Cloud Security Alliance.  "As a leader in privacy management software, many OneTrust customers will now benefit from CSA's guidance and best practices to support third-party cloud service provider assessment obligations under GDPR."

Also at RSA USA, Cyber Defense Magazine awarded OneTrust with two InfoSec Award wins for Privacy Expert of the Year (Editor's Choice) and Privacy Management Software (Hot Company).
Visit OneTrust at RSA USA Conference at booth #4800 and hear OneTrust and Uber discuss "How to Tackle the GDPR: A Typical Privacy and Security Roadmap" on Tuesday, 17 April at 1:00 PM PDT in Moscone West Room 2014 and 3:30 PM PDT in Moscone West Room 2005.

For additional information, or to request a live OneTrust Privacy Management Software demo, visit OneTrust.com or email [email protected].

About OneTrust
OneTrust's privacy management software is used by more than 1,500 organizations to comply with data privacy regulations across sectors and jurisdictions, including the EU GDPR and ePrivacy (Cookie Law).

The multi-lingual software is deployed in an EU cloud or on-premise, and is based on a combination of intelligent scanning, regulator guidance-based questionnaires, and automated workflows used together to automatically generate the record keeping required for an organization to demonstrate compliance to regulators and auditors.

OneTrust helps organizations implement GDPR requirements, including: Data Protection by Design (PbD), Data Protection Impact Assessments (PIA / DPIA), Vendor Risk Management, Incident and Breach Management, Records of Processing (Data Mapping), Universal Consent and Preference Management, ePrivacy Cookie Consent, Data Subject Access, Portability, and Right to Be Forgotten.

About the Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA's activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.  CSA has developed the definitive best practices for the industry, such as the "Security Guidance for Critical Areas of Focus in Cloud Computing", the "Cloud Controls Matrix", "Top Threats to Cloud Computing" and 50 other cloud security research artifacts. For further information, visit us at www.cloudsecurityalliance.org.

About Cyber Defense Magazine
With over 1.2 Million annual readers and growing, Cyber Defense Magazine is the premier source of IT Security information. We are managed and published by and for ethical, honest, passionate information security professionals. Our mission is to share cutting-edge knowledge, real-world stories and awards on the best ideas, products and services in the information technology industry. We deliver electronic magazines every month online for free, and limited print editions exclusively for the RSA conferences and our paid subscribers. Learn more about us at http://www.cyberdefensemagazine.com. CDM is a proud member of the Cyber Defense Media Group.

Media Contact: 
Gabrielle Ferree
Public Relations
+1 770-294-4668
[email protected]

 

Logo - https://mma.prnewswire.com/media/478210/OneTrust_Logo.jpg

 

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
"Evatronix provides design services to companies that need to integrate the IoT technology in their products but they don't necessarily have the expertise, knowledge and design team to do so," explained Adam Morawiec, VP of Business Development at Evatronix, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.
"We work around really protecting the confidentiality of information, and by doing so we've developed implementations of encryption through a patented process that is known as superencipherment," explained Richard Blech, CEO of Secure Channels Inc., in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"I focus on what we are calling CAST Highlight, which is our SaaS application portfolio analysis tool. It is an extremely lightweight tool that can integrate with pretty much any build process right now," explained Andrew Siegmund, Application Migration Specialist for CAST, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
The Founder of NostaLab and a member of the Google Health Advisory Board, John is a unique combination of strategic thinker, marketer and entrepreneur. His career was built on the "science of advertising" combining strategy, creativity and marketing for industry-leading results. Combined with his ability to communicate complicated scientific concepts in a way that consumers and scientists alike can appreciate, John is a sought-after speaker for conferences on the forefront of healthcare science,...
"Software-defined storage is a big problem in this industry because so many people have different definitions as they see fit to use it," stated Peter McCallum, VP of Datacenter Solutions at FalconStor Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
"Our strategy is to focus on the hyperscale providers - AWS, Azure, and Google. Over the last year we saw that a lot of developers need to learn how to do their job in the cloud and we see this DevOps movement that we are catering to with our content," stated Alessandro Fasan, Head of Global Sales at Cloud Academy, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
"We're focused on how to get some of the attributes that you would expect from an Amazon, Azure, Google, and doing that on-prem. We believe today that you can actually get those types of things done with certain architectures available in the market today," explained Steve Conner, VP of Sales at Cloudistics, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
As organizations shift towards IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. Commvault can ensure protection, access and E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his general session at 18th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Part...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with extensive global expertise as a strategist, technologist, innovator, marketer, and communicator. For over 30 years across five continents, he has built success with Fortune 500 corporations, vendors, governments, and as a leading research analyst and consultant.
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Archi...
"We're here to tell the world about our cloud-scale infrastructure that we have at Juniper combined with the world-class security that we put into the cloud," explained Lisa Guess, VP of Systems Engineering at Juniper Networks, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
In his session at 20th Cloud Expo, Brad Winett, Senior Technologist for DDN Storage, will present several current, end-user environments that are using object storage at scale for cloud deployments including private cloud and cloud providers. Details on the top considerations of features and functions for selecting object storage will be included. Brad will also touch on recent developments in tiering technologies that deliver single solution and an end-user view of data across files and objects...
Hardware virtualization and cloud computing allowed us to increase resource utilization and increase our flexibility to respond to business demand. Docker Containers are the next quantum leap - Are they?! Databases always represented an additional set of challenges unique to running workloads requiring a maximum of I/O, network, CPU resources combined with data locality.