Jump to content

Get Your
Free 30-Day Trial WhatsUpGold

France Regulations

Please note: Data privacy laws in the European Union have a very strong emphasis on protecting the individual’s right to know what personally identifiable data is being collected, who is collecting the data, and for what purposes. Furthermore, such laws protect the individual’s right to refuse collection, dissemination, or analysis of their personal data. Organizations who collect personally identifiable data have an obligation to confirm exactly what data is considered protected, what consent they need to obtain from data subjects, and what safeguards they should employ to protect that data from unauthorized uses.

See how the WhatsUp Gold family can mitigate risk and protect personal data to comply with France’s Data Protection Act regulations

Like many other countries with similar privacy regulations, France’s Data Protection Act, established in 1978 and amended in 2004, seeks to secure the collection, processing and use of personal data to maintain user privacy.

See see how the WhatsUp Gold family can help you mitigate risk, protect privacy and access to protected personal information, and prove compliance with Data Protection Act regulations in France:

Data Protection Act Requirement How WhatsUp Log Management Addresses Data Protection Act Requirement

Article 34
The data controller shall take all useful precautions, with regard to the nature of the data and the risks of the processing, to preserve the security of the data and, in particular, prevent their alteration and damage, or access by non-authorized third parties.

  • Real-time monitoring and detection of suspicious events and messages to mitigate risk of unauthorized use of and security threats to personal data
  • Protection of archived log data via cryptographic hashing / FIPS 140-2 encryption & validation to maintain personal data integrity
  • Deep forensic analysis in the aftermath of a security event to pinpoint exactly where a security policy failed (the Commission Nationale de l'Informatique et des Libertés MUST be notified after a breach)
Requirements Recommended WhatsUp Log Management Report

Article 34
The data controller shall take all useful precautions, with regard to the nature of the data and the risks of the processing, to preserve the security of the data and, in particular, prevent their alteration and damage, or access by non-authorised third parties.

  • Account Management – Success/Failure
  • Directory Service Access – Success/Failure
  • System Events – Success/Failure
  • Object Access Attempts – Success/Failure
  • Object Deletions
  • Group Management
  • Password Reset Attempts by Users
  • Password Reset Attempts by Administrators or Account Operators
  • Computer Account Management
  • Directory Service Access Attempts
  • Logon Failures – Active Directory
  • Logon Failures – Local Logons

The Financial Security Law of France (LSF) was adopted by French Parliament in 2003, aiming to strengthen legal provisions related to corporate governance.

Similar to Sarbanes-Oxley in the United States, the LSF establishes the need for the implementation of internal regulatory control procedures, and the monitoring of and reporting on regulatory control compliance.

See how the WhatsUp Gold family of solutions can help you comply with France’s Financial Security Law:

LSF Requirement How Our Solutions Address Corporate Governance Code Requirement

Section 1.2.1
The Reform requires that the President of the Board of Directors or Supervisory Board of corporations prepare, in addition to the Board's annual management report, a separate report on the internal control of the company.

WhatsUp Log Management:

  • Automatic collection and consolidation of log files from all types of infrastructure and applications for near real-time review and forensic analysis
  • Monitoring of individual file, folder and registry access, and any changes or deletions that may impact or contain log data key to financial reports
  • Cryptographic hashing of archived log data to protect its integrity
  • Automatic reporting on critical log file data access and related changes to all stakeholders
  • Monitoring and reporting on changes to key groups, such as Administrators, Account Operators, etc. that could lead to financial data tampering

WhatsUp Gold:

  • The WUG infrastructure monitoring platform monitors and maintains the health and availability of all systems that contribute to financial reporting. Rogue activity targeting your corporate network, for instance, is proactively prevented with this comprehensive "internal control system"
Requirements Recommended WhatsUp Log Management Report

Section 1.2.1
The Reform requires that the President of the Board of Directors or Supervisory Board of corporations prepare, in addition to the Board's annual management report, a separate report on the internal control of the company.

  • Computer Account Management
  • Directory Service Access Attempts
  • Logon Failures – Active Directory
  • Logon Failures – Local Logons
  • Object Access Attempts – Success/Failure
  • Object Deletions
  • Password Reset Attempts by Users
  • Password Reset Attempts by Administrators or Account Operators
  • Process (Program) Usage
  • User Activity in Auditing Categories
  • Successful Network Logons – Workstations and Servers
  • Policy Change - Success/Failure
  • Account Management – Success/Failure
  • Directory Service Access - Success/Failure
  • System Events - Success/Failure