Trust is an often-overused word. “Trust me” is easy to say, but much harder to demonstrate. This is especially true when it comes to storing and safeguarding data, particularly sensitive and personal data.
With the General Data Protection Regulation (GDPR) just on the horizon, the stakes have never been higher. Organizations trusting their data to a third-party processor must undertake more stringent due diligence and be satisfied their chosen vendor is up to the job.
At Mimecast, our business is built on trust. Even before GDPR we have gone to great lengths to demonstrate the security and resilience of our Mime|OS platform. It’s part of the reason why our customers trust us with over 34 petabytes of their critical email data. Security and privacy are built-in to every aspect of Mimecast’s services, processes, and operations. Our extensive certifications include:
- ISO 27001 – information security and data protection
- ISO 27018 – protection of Personally Identifiable Information (PII)
- ISO 22301 – focused on business continuity management
- SOC 2 Type II
The Mimecast Trust Center is a valuable resource for current and potential customers to find more details on the certifications, attestations and audit reports that demonstrate the investment we make in the security, privacy, and transparency that underpins everything we do.
Mimecast has already committed to GDPR compliance across solutions and products when enforcement of the law comes into effect. To underpin this commitment, we’ve appointed Marc French as Chief Trust Officer and Data Protection Officer (DPO). We’re also providing GDPR assurances in all contracts today, and specific compliance information and documentation in our Trust Center.
Our cloud-based, cyber resilience services for email can be a vital component of GDPR compliance strategies. As an email security and data protection leader, we recognize the importance of defending this critical business tool and its data. By design, email holds a huge amount of personal data. It’s also the number one attack vector used in over 90 percent of attacks.
Taking all possible steps to prevent a breach is paramount, but accepting the inevitability of something getting through at some point is equally important. Being able to rapidly search a central repository of archive and backup data, export, and even delete data if requested is key to supporting GDPR compliance efforts. And maintaining security and data access during primary email system failure or downtime, whatever the cause, is imperative to consistently maintain the necessary privacy and protection standards.
Mimecast’s integrated cyber resilience suite, incorporating security, archiving and recovery, and continuity cyber resilience services for email is helping support our customers’ GDPR strategies. Download the Simplify GDPR Compliance for Email solutions brief and visit our GDPR-specific Trust Center page to learn more.
This article was originally published here.