Promocil Achieves GDPR Compliance and Allocates Its Security Budget More Efficiently

Several minutes

To run a weekly audit

Netwrix has helped us achieve compliance with the GDPR, detect and eliminate security issues we had, raise the level of cybersecurity awareness and, as a result, protect our brand image. On top of that, it enabled our department to optimize auditing processes for a low functional cost, and become not just effective but efficient while saving time. I am definitely recommending Netwrix to other IT pros.

Thomas Dupont, Head of IT and Digital Strategy, Promocil

Challenge

Achieve ongoing compliance with the GDPR by automating classification of sensitive data and improving security monitoring processes.
Raise security awareness company-wide to enhance the security of data regulated by the GDPR.

Before, it took us several days of manual work to perform internal auditing, so we did it only once every two months. Now, Netwrix Auditor automatically provides all reports on a weekly basis, so no one has to dedicate time to this task. I plan to train the technical support team and the DPO to work with Netwrix Auditor so they can collect relevant information for their work as well.

Thomas Dupont, Head of IT and Digital Strategy,
Promocil

Netwrix Solution

Thomas Dupont, Head of IT and Digital Strategy at Promocil, chose Netwrix for its out-of-the-box GDPR reports and ability to accurately discover and classify sensitive information, such as customers’ and employees’ names, phone numbers, IDs and bank account numbers.

Insights into GDPR data. The IT team used the software to identify the exact locations of GDPR data across the company’s file servers. With this detailed insight into the types of regulated content being stored, they were able to reorganize the storage to ensure that no sensitive files were kept outside of dedicated secure locations. Now they are in the process of using Netwrix Auditor to clean up access rights across the company in accordance and ensure ongoing adherence to the least-privilege principle.
Detection of suspicious activity. With Netwrix Auditor’s user activity video recording, reports on activity around key IT systems and sensitive data, and alerts on critical changes and excessive failed activity, Thomas can now quickly pinpoint illicit actions and raise security awareness company-wide. He explained, “We sought this kind of visibility because an ounce of prevention is worth a pound of cure. Plus, we are very sensitive to cybersecurity, so we are closely working with our users to better communicate the policies to them. We are working on a campaign for employees in order to address their most typical errors and enhance cybersecurity awareness.”
More efficient budget allocation. Netwrix has enabled Thomas to control operational costs and allocate resources for the company’s compliance and security needs wisely. In particular, the solution streamlined the auditing process so effectively that they did not have to open a technical position for that task. As a result, they were able to hire a data protection officer (DPO) instead. (As a small company, Promocil is not obliged to have a DPO but they preferred to appoint one to oversee data protection and compliance.)

Key Benefits

Streamlined GDPR compliance
Improved threat detection
Enable better allocation of financial and human resources
Nurtured a culture of cybersecurity awareness

Netwrix Products

Netwrix Data Classification for

Windows File Servers

Customer Profile

Promocil is an ESH company (Entreprises Sociales pour l'Habitat, meaning Social Housing Landlords), part of the SAI Group (Sambre Avesnois Immobilier), founded in 1970 and located in the North of France. SAI Group is a private group for general interest, gathering 15,000 accommodations. SAI Group implements public housing policies in consultation with local authorities, the State and tenant representatives.

Customer: Promocil

Industry: Other

Website: www.groupe-sai.fr