SYS-CON MEDIA Authors: Yeshim Deniz, Carmen Gonzalez, Liz McMillan, Elizabeth White, Pat Romanski

News Feed Item

OneTrust Joins Cloud Security Alliance to Simplify Vendor Risk Management for GDPR Compliance

- Announced at RSA USA Conference, Partnership Simplifies GDPR Requirements into Organizations' Existing CSA Framework

SAN FRANCISCO, April 16, 2018 /PRNewswire/ -- Today at RSA USA Conference, OneTrust, a global leader in enterprise privacy management software that supports compliance with data privacy regulations, announced it joined the Cloud Security Alliance (CSA), the world's leader in secure cloud computing best practices. Additionally, Cyber Defense Magazine announced OneTrust earned two top InfoSec Awards for Privacy Management Software and Privacy Expert of the Year.

 (PRNewsfoto/OneTrust)

As a CSA partner, OneTrust streamlines Vendor Risk Management by incorporating General Data Protection Regulation (GDPR) requirements for third-party vendor assessments into an organization's pre-existing CSA assessment framework. In conjunction, OneTrust announced a first-of-its-kind cloud vendor assessment framework to audit the security controls and privacy program maturity of third-party vendors. The framework assesses third-party vendors to help them meet both the requirements of the General Data Protection Regulation (GDPR) and the necessary cloud vendor security controls as outlined by the CSA.

Leveraging third-party cloud service providers is critical to business operations, and many organizations utilize CSA assessment frameworks when evaluating the security risk of vendors. This assessment process will become increasingly complex as cloud vendors take on the role of processors under GDPR, making them accountable for a variety of new data protection obligations. 

As part of CSA, OneTrust's template library is extended to include CSA-approved security assessments for vendors. Available in the OneTrust template library, OneTrust customers can now utilize the comprehensive GDPR compliance and CSA vendor security template, which combines both OneTrust and CSA best practices.

"OneTrust's mission is to help organizations simplify their privacy programs and achieve regulatory compliance," said Blake Brannon, Vice President of Products, OneTrust. "Our integrations with CSA's framework and assessments helps us further this mission and provide streamlined templates for vendor risk management and cloud security compliance."

"We're excited to welcome OneTrust to the Cloud Security Alliance," said Jim Reavis, CEO, Cloud Security Alliance.  "As a leader in privacy management software, many OneTrust customers will now benefit from CSA's guidance and best practices to support third-party cloud service provider assessment obligations under GDPR."

Also at RSA USA, Cyber Defense Magazine awarded OneTrust with two InfoSec Award wins for Privacy Expert of the Year (Editor's Choice) and Privacy Management Software (Hot Company).
Visit OneTrust at RSA USA Conference at booth #4800 and hear OneTrust and Uber discuss "How to Tackle the GDPR: A Typical Privacy and Security Roadmap" on Tuesday, 17 April at 1:00 PM PDT in Moscone West Room 2014 and 3:30 PM PDT in Moscone West Room 2005.

For additional information, or to request a live OneTrust Privacy Management Software demo, visit OneTrust.com or email [email protected].

About OneTrust
OneTrust's privacy management software is used by more than 1,500 organizations to comply with data privacy regulations across sectors and jurisdictions, including the EU GDPR and ePrivacy (Cookie Law).

The multi-lingual software is deployed in an EU cloud or on-premise, and is based on a combination of intelligent scanning, regulator guidance-based questionnaires, and automated workflows used together to automatically generate the record keeping required for an organization to demonstrate compliance to regulators and auditors.

OneTrust helps organizations implement GDPR requirements, including: Data Protection by Design (PbD), Data Protection Impact Assessments (PIA / DPIA), Vendor Risk Management, Incident and Breach Management, Records of Processing (Data Mapping), Universal Consent and Preference Management, ePrivacy Cookie Consent, Data Subject Access, Portability, and Right to Be Forgotten.

About the Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA's activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.  CSA has developed the definitive best practices for the industry, such as the "Security Guidance for Critical Areas of Focus in Cloud Computing", the "Cloud Controls Matrix", "Top Threats to Cloud Computing" and 50 other cloud security research artifacts. For further information, visit us at www.cloudsecurityalliance.org.

About Cyber Defense Magazine
With over 1.2 Million annual readers and growing, Cyber Defense Magazine is the premier source of IT Security information. We are managed and published by and for ethical, honest, passionate information security professionals. Our mission is to share cutting-edge knowledge, real-world stories and awards on the best ideas, products and services in the information technology industry. We deliver electronic magazines every month online for free, and limited print editions exclusively for the RSA conferences and our paid subscribers. Learn more about us at http://www.cyberdefensemagazine.com. CDM is a proud member of the Cyber Defense Media Group.

Media Contact: 
Gabrielle Ferree
Public Relations
+1 770-294-4668
[email protected]

Cision View original content with multimedia:http://www.prnewswire.com/news-releases/onetrust-joins-cloud-security-alliance-to-simplify-vendor-risk-management-for-gdpr-compliance-300630071.html

SOURCE OneTrust

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Cloud is the motor for innovation and digital transformation. CIOs will run 25% of total application workloads in the cloud by the end of 2018, based on recent Morgan Stanley report. Having the right enterprise cloud strategy in place, often in a multi cloud environment, also helps companies become a more intelligent business. Companies that master this path have something in common: they create a culture of continuous innovation. In his presentation, Dilipkumar Khandelwal outlined the latest...
Data center, on-premise, public-cloud, private-cloud, multi-cloud, hybrid-cloud, IoT, AI, edge, SaaS, PaaS... it's an availability, security, performance and integration nightmare even for the best of the best IT experts. Organizations realize the tremendous benefits of everything the digital transformation has to offer. Cloud adoption rates are increasing significantly, and IT budgets are morphing to follow suit. But distributing applications and infrastructure around increases risk, introdu...
DevOps has long focused on reinventing the SDLC (e.g. with CI/CD, ARA, pipeline automation etc.), while reinvention of IT Ops has lagged. However, new approaches like Site Reliability Engineering, Observability, Containerization, Operations Analytics, and ML/AI are driving a resurgence of IT Ops. In this session our expert panel will focus on how these new ideas are [putting the Ops back in DevOps orbringing modern IT Ops to DevOps].
Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software with the simplicity and reach of the open web. With staff in 10 timezones, Isomorphic provides a global network of services related to our technology, with offerings ranging from turnkey application development to SLA-backed enterprise support. Leadin...
FinTech is a disruptive innovation that denotes the adoption of technologies that have changed how traditional financial services work. While FinTech is now embedded deeply into the financial services ecosystem, the rise of digital age has paved way to FinTech 2.0 - which is rolling out innovative solutions through emerging technologies at a disruptive pace while maintaining the tenets of security and compliances. Blockchain as a technology has started seeing pilot adoption in FinTech around ...
On-premise or off, you have powerful tools available to maximize the value of your infrastructure and you demand more visibility and operational control. Fortunately, data center management tools keep a vigil on memory contestation, power, thermal consumption, server health, and utilization, allowing better control no matter your cloud's shape. In this session, learn how Intel software tools enable real-time monitoring and precise management to lower operational costs and optimize infrastructure...
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
Now is the time for a truly global DX event, to bring together the leading minds from the technology world in a conversation about Digital Transformation. DX encompasses the continuing technology revolution, and is addressing society's most important issues throughout the entire $78 trillion 21st-century global economy. DXWorldEXPO® has organized these issues along 10 tracks, 22 keynotes and general sessions, and a faculty of 222 of the world's top speakers.
SUSE is a German-based, multinational, open-source software company that develops and sells Linux products to business customers. Founded in 1992, it was the first company to market Linux for the enterprise. Founded in 1992, SUSE is the world's first provider of an Enterprise Linux distribution.
Artifex Software began 25-years ago with Ghostscript, a page description language (PDL) interpreter software prevalent in printing and related applications requiring rendering and/or conversion from one software language to another. Founded by renowned computer scientist Dr. L. Peter Deutsch, our company has thrived on the basis of our sharp focus on this area of expertise, a zealous commitment to quality and a strong customer service orientation. Over 100 OEM partners representing some of th...
Blockchain has shifted from hype to reality across many industries including Financial Services, Supply Chain, Retail, Healthcare and Government. While traditional tech and crypto organizations are generally male dominated, women have embraced blockchain technology from its inception. This is no more evident than at companies where women occupy many of the blockchain roles and leadership positions. Join this panel to hear three women in blockchain share their experience and their POV on the futu...
Every organization is facing their own Digital Transformation as they attempt to stay ahead of the competition, or worse, just keep up. Each new opportunity, whether embracing machine learning, IoT, or a cloud migration, seems to bring new development, deployment, and management models. The results are more diverse and federated computing models than any time in our history.
In an age of borderless networks, security for the cloud and security for the corporate network can no longer be separated. Security teams are now presented with the challenge of monitoring and controlling access to these cloud environments, as they represent yet another frontier for cyber-attacks. Complete visibility has never been more important-or more difficult. Powered by AI, Darktrace's Enterprise Immune System technology is the only solution to offer real-time visibility and insight into ...
Alan Hase is Vice President of Engineering and Chief Development Officer at Big Switch. Alan has more than 20 years of experience in the networking industry and leading global engineering teams which have delivered industry leading innovation in high end routing, security, fabric and wireless technologies. Alan joined Big Switch from Extreme Networks where he was responsible for product strategy for its secure campus switching, intelligent mobility and campus orchestration products. Prior to Ext...
In today's always-on world, customer expectations have changed. Competitive differentiation is delivered through rapid software innovations, the ability to respond to issues quickly and by releasing high-quality code with minimal interruptions. DevOps isn't some far off goal; it's methodologies and practices are a response to this demand. The demand to go faster. The demand for more uptime. The demand to innovate. In this keynote, we will cover the Nutanix Developer Stack. Built from the foundat...