ADManager Plus helps you comply with the GDPR

Is your organization based in the European Union? Does it service customers in the EU in any way?

If you answered yes to either of these questions, your organization must comply with the General Data Protection Regulation (GDPR) from May 25, 2018. The GDPR is all about the personal data of employees, customers, and prospects that companies hold. Ignoring this mandate can have major consequences—€20 million or 4 percent of your global turnover in penalities, to be exact.

Ensure data integrity and security

While complying with this regulation is important, what's more important is protecting customers' personal data. In this digital day and age, data protection is essential and that's exactly what the GDPR aims to achieve. Businesses need to respect the need for data security and institute measures to protect customer data in the long run.

Complying with the GDPR—the ADManager Plus way

If you use Active Directory (AD) to grant access to personal data in your network, use ADManager Plus to comply with the GDPR.* It offers a complete audit trail through its various reports and functionalities and allows you to:

• View members of specified groups, as well as group details.
• Identify the shared folders present in servers and audit shared folder permissions.
• List the access rights users and groups have over folders in specified paths or locations.
• See which folder and server permissions specified user accounts have.
• List the users and groups that have access to specific servers.
• Notify the appropriate individuals on requests that have been raised, reviewed, or approved.
• Create rules to assess and assign requests to appropriate technicians.
• Review the management actions to be carried out by technicians.
• View workflow requests that were created and assigned to the help desk.
• List all actions performed by help desk technicians.

Ensure that your organization has appropriate measures in place for data compliance and security using ADManager Plus' reports and functionalities. Email reports or export them to specified locations in multiple file formats to make sure you always have the data you need during investigations and security assessments.

Click here to see which GDPR articles ADManager Plus can help with.

S. No.	Article	Reports and functionalities
1.	Article 5, #1- f Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures ('integrity and confidentiality').	Use the following reports to demonstrate that the required technical and organisational measures are in place: Users in groups Groups for users Shares in the servers Permissions for folders Folders accessible by accounts Servers accessible by accounts Server permissions To demonstrate compliance, export reports in any file format or email them to stakeholders at specified intervals.
2.	Article 5, #2 The controller shall be responsible for, and be able to demonstrate compliance with, paragraph 1('accountability').	Users in groups Groups for users Shares in the servers Permissions for folders Folders accessible by accounts Servers accessible by accounts Server permissions
3.	Article 24, #1 Taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, the controller shall implement appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is performed in accordance with this Regulation. Those measures shall be reviewed and updated where necessary.	Users in groups Groups for users Shares in the servers Permissions for folders Folders accessible by accounts Servers accessible by accounts Server permissions
4.	Article 25, #2 The controller shall implement appropriate technical and organisational measures for ensuring that, by default, only personal data which are necessary for each specific purpose of the processing are processed. That obligation applies to the amount of personal data collected, the extent of their processing, the period of their storage and their accessibility. In particular, such measures shall ensure that by default personal data are not made accessible without the individual's intervention to an indefinite number of natural persons.	Workflow in ADManager Plus Notification rules Assignment rules
5.	Article 30 Each controller and, where applicable, the controller's representative, shall maintain a record of processing activities under its responsibility.	Workflow history Help desk technician audit
6.	Article 32, #4 The controller and processor shall take steps to ensure that any natural person acting under the authority of the controller or the processor who has access to personal data does not process them except on instructions from the controller, unless he or she is required to do so by Union or Member State law.	Folders accessible by accounts Help desk technician audit Admin audit

ADManager Plus is a web-based solution for all your AD, Exchange, and Office 365 management needs. It simplifies several routine tasks such as provisioning users, cleaning up dormant accounts, managing NTFS and share permissions, and more. ADManager Plus also offers more than 150 pre-packaged reports, including reports on inactive or locked-out AD user accounts, Office 365 licenses, and users' real last logon times. Perform management actions right from reports. Build a custom workflow structure that will assist you in ticketing and compliance, automate routine AD tasks such as user provisioning and de-provisioning, and more. Download a free trial today to explore all these features.

*: The reports required to comply with the GDPR vary depending on your organization's size, stakeholders, the nature of your business, and more. ADManager Plus has several other reports that could also help you in complying with this mandate. Discuss this with your security consultant today.