Getting the Sumo Logic Platform Ready for GDPR

Security has been at the core of the Sumo Logic platform since day one. Security, Compliance, Governance, Privacy and Risk have always been key components in all aspects of our service and business, and this is no exception as we prepare for the European Union General Data Protection Regulation (EU GDPR).

Building Blocks

How are we preparing? Like many other organizations around the world, we are taking a number of steps as we work towards GDPR compliance. This blog will outline some of these steps and why they’re so critical to GDPR.

Global Privacy Program

We are working to expand our privacy program to meet the needs of EU GDPR as well as future Privacy Laws or Regulations. Privacy has long been an important pillar in programs; however, with the rapidly growing areas of Big Data and the Internet of Things (IoT), the need to clearly call out how individuals' data is being used and where it is stored is more important than ever.

DPO

As part of this initiative, we have hired a Data Protection Officer (DPO) to lead the program. The DPO and information security team have also consulted with a privacy attorney to discuss our roadmap and ensure we are on the best path to EU GDPR compliance. Additionally, our DPO will be attending IAPP Training in London and obtaining her CIPP/E (Certified Information Privacy Professional/Europe) & CIPM (Certified Information Privacy Manager) Certifications.

Due Diligence

One of the steps we are taking to do our due diligence, and to ensure not only our compliance but that of our customers, is to work with all of our vendors and validate that they are also working towards compliance with EU GDPR.

Data Protection Agreement

We also have a Data Protection Agreement (DPA) we will sign with customers to give them assurance that we will meet the May 25, 2018 deadline. We believe taking these steps is critical and allows us to provide our customers with confidence that Sumo Logic has done everything we can to ensure EU GDPR compliance.

Privacy by Design

Among the other key processes and integrations we are working on is expanding our Security by Design to Security & Privacy by Design. Per Article 25, privacy will be considered in every phase of our product and in all aspects of our business.

Educate

Privacy training has been integrated into our new hire training, annual training and ongoing communications. We will be working to ensure the entire organization understands EU GDPR, as well as developing deeper, targeted trainings for specific portions of the law that apply to individual groups.

Policies & Processes

We are working to update and incorporate Data Protection & Privacy into our Information Security Management System (ISMS), as well as to expand our Impact Assessments to include a Data Protection Impact Assessment (DPIA) and to better define and document the way we perform Data Mapping.

Customer Confidence

Lastly, while there is currently no official certification for EU GDPR, we are engaging with third parties to validate our controls and will provide an independent attestation of controls in early Summer 2018.

