General Data Protection Regulation Deployment Guide

This guide describes how to implement the LogRhythm GDPR Compliance Automation Suite. This suite provides pre-bundled Investigations, Alarms, and Reports that are designed for the European Union’s (EU) General Data Protection Regulation (GDPR). In addition, this guide shows how to augment GDPR compliance regulations using the LogRhythm Investigations, Correlation Rules, Alarms, and Reports.

After you configure the automation suite, the LogRhythm Platform Manager (Event Manager) includes the proper components needed for GDPR compliance. Alarms, Investigations, and Reports are automatically associated with the correct GDPR asset categories. You can then schedule Reports for periodic generation and delivery, or generate them on demand. To identify areas of non-compliance in real-time, you can leverage Investigations and Alarms for immediate analysis of activities that impact your organization's cardholder data systems.

Intended Audience

This guide is intended for LogRhythm SIEM administrators and analysts who are responsible for maintaining compliance with GDPR. Further, monthly, and weekly Reporting Packages can be established to provide forensic evidence and audit data to appropriate audiences for distribution. These groups include Security Operations, Security Management, IT Operations, Audit, and Executive Management. These reporting packages, content included, and frequency can be adjusted according to the needs of your audience.

This guide is divided into the following sections: