GDPR Compliance Responsibilities on - Blacknight Products April 2018

Page created by Ricky Lawson
Arts & Entertainment
English
 
CONTINUE READING
Page content transcription
If your browser does not render page correctly, please read the page content below
GDPR Compliance Responsibilities on - Blacknight Products April 2018
GDPR Compliance Responsibilities on
         Blacknight Products April 2018
#DOMAINS #HOSTING #EMAIL

GDPR is due to come into force May 25th 2018. It sets out regulations for security and privacy controls
required when handling Personally Identifiable Data (PII). This document attempts to clarify the
responsibilities of both Blacknight and the Customer for the various platform services, which Blacknight
provides.

Blacknight offer domain registrations, shared hosting, Cloud servers, dedicated & co-located servers, hosted
mail (Q-mail, Hosted Exchange) and Office 365 platforms for customers to host their data with us. Each
platform type is different and whilst we control the platform, we do not have visibility on a customer’s data
and therefore we are not always considered to be a data controller under GDPR regulations. As this
document attempts to clarify, Blacknight have full responsibility for managing the security and integrity of
the platform, shares responsibility with regard to data protection in some cases, and in other areas, the
customer is completely responsible as the data controller.

Domain Registrations
Blacknight register domain registrations on behalf of its customer with various registries or registry resellers
(registrars). The data collected by Blacknight is a requirement of the registration process and some of this
data is used in populating the WHOIS database, which provides transparency of domain registration globally.
Most of this is publicly available information and can be retrieved via a WHOIS query. Blacknight do not
control this data, and collection of this data is a requirement under ICANN contractual obligations or the
specific policies and contractual requirements imposed by the domain registries. (Internet Corporation for
Assigned Names and Numbers) **

Shared Hosting
Blacknight provide a range of Shared Hosting services, which allow a customer to provision a website, store
database information, and host their email accounts on shared servers (Servers that share resources with
other customers). The responsibility for securing the data is therefore shared between Blacknight and the
customer. Blacknight are responsible for securing the shared hosting infrastructure (the underlying hardware
and operating systems) supporting the platform whilst the content, passwords, access to the data etc. is the
responsibility of the customer. In addition, the customer is responsible for their own backups and for
securing the CMS applications by keeping them up to date.

Office 365 and Hosted Exchange
Office 365 is Microsoft's online cloud platform mail service, which Blacknight resell through our control
panel. We only manage the Office365 accounts via our control panel integration on behalf of Microsoft. The
email data is hosted on data centres situated within the EU. Office365 offers solutions to protect customer
data such as lockbox, threat management and data loss prevention on specific versions to enhance security
and data protection.

Hosted Exchange accounts on the Odin platform are managed by the control panel admin (customer) whilst
the mailboxes are stored on Blacknight servers within Ireland.

**This is currently under review with ICANN

visit: www.blacknight.com                     email: sales@blacknight.com                call: +353 (0)59 9183072
#DOMAINS #HOSTING #EMAIL

SSL Certificates
Blacknight are authorised resellers of SSL certificates and we collect PII information (name email address,
CRO number etc.) pertaining to the certificate to provide the SSL provider with the information necessary to
validate the registrant. Where our support team have been requested to provide assistance in the
installation of an SSL cert, we store any generated CSR (cert signing request) or private keys in an encrypted
database.

BaseKit siteBuilder
BaseKit is a third party site-builder platform, which is available through the Blacknight control panel. This is a
cloud based product hosted by BaseKit themselves and similar to how Office 365 accounts are managed via
our control panel integration. The data is stored on Base-Kit servers not on Blacknight servers. The account
details are maintained in the Blacknight control panel database and a reference ID with domain name is sent
to BaseKit.
Cloud Server Virtual Machines
NIST (National Institute for Standards and Technology) defines three primary cloud service delivery
mechanisms: infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS).

Blacknight cloud service can be categorised as either PaaS or IaaS depending on the solution. Blacknight are
responsible for maintaining the security of the Hypervisor infrastructure, Cloud control panel, infrastructure
backups etc. whilst the customer is responsible for the virtual machine (VM) content, for backing up,
securing and classifying that content.

Physical security of the data is the one responsibility that is wholly owned by cloud service providers when
using cloud-computing models.

With an IaaS service model, for capabilities such as virtual machines, storage, and networking, it’s the
customer’s responsibility to configure and protect the data that is stored and transmitted. When using an
IaaS-based solution, data classification must be considered by the customer at all layers of the solution.

The remaining responsibilities are shared between customers and cloud service providers. Some scenarios
require Blacknight and the customer to manage and administer the responsibility together, (e.g. in a
managed services scenario, Blacknight are responsible for the patching and maintenance of the operating
system, whereas the customer is responsible for the configuration of the Operating System and its baseline
security). In this scenario, the customer is accountable to ensure their solution and its data is securely
identified, labelled and correctly classified to meet any compliance obligation.

Network control - includes the configuration, management, and securing of network elements such as virtual
networking, load balancing, DNS, and gateways. The controls provide a means for services to communicate
and interoperate. This is Blacknight’s responsibility as it is outside the control of the customer.

In an IaaS solution, the customer shares responsibility with a service provider to deploy, manage, secure, and
configure the networking solutions to be implemented. (e.g. IP tables or Microsoft Windows firewall rules)

visit: www.blacknight.com                  email: sales@blacknight.com                    call: +353 (0)59 9183072
#DOMAINS #HOSTING #EMAIL

Dedicated Servers
Similar to the cloud services, Blacknight provide dedicated servers for configuration by the customer. The
customer leases and has full control of the server and can if necessary remove all access from Blacknight
staff. In this instance, the customer has full responsibility for the data and content, whilst Blacknight are
responsible for securing physical access to the servers, and where applicable ensuring external firewalls are
managed securely.

Managed dedicated servers
In order to manage the server, Blacknight require access to it via SSH key or admin password. In this
instance, Blacknight has a responsibility to ensure there is no unauthorised access outside of the Blacknight
engineering team and that access is recorded and/or consent is sought prior to access.

Managed private cloud
Similar to Managed dedicated servers, managed private cloud require access to the servers which host the
virtual machines (VM) and in some cases to the actual VMs themselves.

Responsibility for the security and classification of data on the VMs is with the customer, and Blacknight is
responsible for ensuring restricted authorised access to either the VMs or the Host hypervisors.

Co-located Servers
The customer is fully responsible for the configuration, patching and security of any co-located equipment
hosted with us. Blacknight are solely responsible for ensuring the service level agreements are met in
relation to power and connectivity. Blacknight do not have access to this equipment other than physical
access to the rack. Blacknight’s sole responsibilities in relation to GDPR therefore, are to ensure physical
access to the server is restricted to authorised personnel.

Backup services (Acronis /CDP)
The customer is responsible for ensuring the security of any passwords /URLs provided for access to the
Backup portals. Blacknight is responsible for implementing operational controls to restrict authorised access
to the backup servers and data.

visit: www.blacknight.com                 email: sales@blacknight.com                    call: +353 (0)59 9183072
#DOMAINS #HOSTING #EMAIL

Data Control Overview

                                                                                   Managed
                                         Shared               Dedicated   Online                Office     Hosted
                            Domains                 Cloud                          Servers /
                                         Hosting               & Colo     Backup                 365        Email
                                                                                   Firewalls
 Data
 Classification

 End-Point
 Protection                                                                                    Microsoft

 Identity & Access
 Management

 Application Level
 Control

 Network
 Controls

 Host
 Infrastructure

 Physical
 Security

 Legend                     Blacknight             Customer               Shared               Microsoft
                                                                                                           Microsoft

visit: www.blacknight.com                   email: sales@blacknight.com               call: +353 (0)59 9183072
You can also read
Testing and new cases (UK) - Gov.uk
Testing and new cases (UK) - Gov.uk
Package 'biosigner' September 23, 2021 - Bioconductor
Package 'biosigner' September 23, 2021 - Bioconductor
CUSTOMER CASE STUDY MYFITNESSPAL
CUSTOMER CASE STUDY MYFITNESSPAL
THE PAST, PRESENT AND FUTURE OF IRODS AT TACC - Chris Jordan TACC Data Management and Collections Group IRODS UGM, June 10 2020
THE PAST, PRESENT AND FUTURE OF IRODS AT TACC - Chris Jordan TACC Data Management and Collections Group IRODS UGM, June 10 2020
Risk of cardiovascular disease associated with living in areas of greater earthquake housing damage
Risk of cardiovascular disease associated with living in areas of greater earthquake housing damage
Two-Way ANOVA with Post Tests1
Two-Way ANOVA with Post Tests1
Biopharma Data Champions Kickstarter - guiding you on your journey to data project success - SEPTEMBER 2021 - FEBRUARY 2022 - Digital Asset ...
Biopharma Data Champions Kickstarter - guiding you on your journey to data project success - SEPTEMBER 2021 - FEBRUARY 2022 - Digital Asset ...
DISTRIBUTION OF WORKLOAD BETWEEN PHARMACY UNITS IN PKD HULU LANGAT - Esther Ng, Pharmacist U41, PKD Hulu Langat
DISTRIBUTION OF WORKLOAD BETWEEN PHARMACY UNITS IN PKD HULU LANGAT - Esther Ng, Pharmacist U41, PKD Hulu Langat
Can API Standardisation Ensure Fair Competition with the Tech Giants? - COMSYS, RWTH Aachen
Can API Standardisation Ensure Fair Competition with the Tech Giants? - COMSYS, RWTH Aachen
Open / FAIR research data in Horizon 2020 - Daniel Spichtinger DG RTD, Unit A.6.
Open / FAIR research data in Horizon 2020 - Daniel Spichtinger DG RTD, Unit A.6.
ACCELERATE BUSINESS OUTCOMES WITH LOCAL AND OFFSITE CLOUD BACKUPS AND RESTORES - Codero
ACCELERATE BUSINESS OUTCOMES WITH LOCAL AND OFFSITE CLOUD BACKUPS AND RESTORES - Codero
How High-Performing Companies Deliver - Incredibly Personalized Customer Service Experiences - Contact Us
How High-Performing Companies Deliver - Incredibly Personalized Customer Service Experiences - Contact Us
JACADA AGENT SCRIPTING - Case Study
JACADA AGENT SCRIPTING - Case Study
Variation Notice - Virgin Money
Variation Notice - Virgin Money
Marlborough Roads Recovery Update - Tuesday 12 October 2021 Marlborough Sounds
Marlborough Roads Recovery Update - Tuesday 12 October 2021 Marlborough Sounds
Technical Disclosure Commons
Technical Disclosure Commons
Remote Learning Contingency plan January 2021 - Unity Community Primary
Remote Learning Contingency plan January 2021 - Unity Community Primary
Kettner's Corner #10 - zTidBits@CPO (Dispatchable - UOW)
Kettner's Corner #10 - zTidBits@CPO (Dispatchable - UOW)
TRUST TOWER, WORLD TRADE CENTRE, UAE - Helvar
TRUST TOWER, WORLD TRADE CENTRE, UAE - Helvar
Platform as a Service (PaaS) - COSC349-Cloud Computing Architecture David Eyers
Platform as a Service (PaaS) - COSC349-Cloud Computing Architecture David Eyers
Public Understanding of Coercive Control - ulster.ac.uk Dr Susan Lagdon Lecturer in Psychology (Mental Health) - ARK
Public Understanding of Coercive Control - ulster.ac.uk Dr Susan Lagdon Lecturer in Psychology (Mental Health) - ARK
HOME AUTOMATION SYSTEM USING IOT-USING GOOGLE ASSISTANT
HOME AUTOMATION SYSTEM USING IOT-USING GOOGLE ASSISTANT
SMART WIFI LED BULB - BNETA
SMART WIFI LED BULB - BNETA
ITER Research Plan priorities for WP AC in 2022 - Indico
ITER Research Plan priorities for WP AC in 2022 - Indico
Environmental Health Officers and Assistant Environmental Officers Malaysia COVID-19 Pandemic Report - Presented by Malaysian Association of ...
Environmental Health Officers and Assistant Environmental Officers Malaysia COVID-19 Pandemic Report - Presented by Malaysian Association of ...
SKAI 2 HV - Ultra Compact Converter for Electrified Utility Vehicles - SEMIKRON
SKAI 2 HV - Ultra Compact Converter for Electrified Utility Vehicles - SEMIKRON
The Active Flutter Suppression (AFS) Technology Evaluation Project - Eli Livne, Ph.D. The William E. Boeing Department of Aeronautics and ...
The Active Flutter Suppression (AFS) Technology Evaluation Project - Eli Livne, Ph.D. The William E. Boeing Department of Aeronautics and ...
HGate Product Catalog - Hydraulic activeGate Control HOT RUNNER TECHNOLOGY - Stabilize your Process - Synventive
HGate Product Catalog - Hydraulic activeGate Control HOT RUNNER TECHNOLOGY - Stabilize your Process - Synventive
682nd ASOS Mission Brief - Mobile, Networked, Tactical C2 Lt Col Rodney Singleton
682nd ASOS Mission Brief - Mobile, Networked, Tactical C2 Lt Col Rodney Singleton
BSW Home Schooling Year Group summaries - January update
BSW Home Schooling Year Group summaries - January update
Digital Exposure Opportunities - Increase your brand recognition Increase the exposure of your products and service - Messe ...
Digital Exposure Opportunities - Increase your brand recognition Increase the exposure of your products and service - Messe ...
MILITARY IMPACTED SCHOOLS ASSOCIATION (MISA) - 2021 SCHOLARSHIP FUND APPLICATION
MILITARY IMPACTED SCHOOLS ASSOCIATION (MISA) - 2021 SCHOLARSHIP FUND APPLICATION
Re-Inventing Virtual Cooking Classes At The Cutting Edge Classroom Cooking School The Menu Chicago style deep dish pizza - The Cutting ...
Re-Inventing Virtual Cooking Classes At The Cutting Edge Classroom Cooking School The Menu Chicago style deep dish pizza - The Cutting ...
2019 EXEMPLARY VOLUNTEER RECOGNITION NOMINATION - UCC-APC
2019 EXEMPLARY VOLUNTEER RECOGNITION NOMINATION - UCC-APC
CONNECTION RANDOLPH - Randolph Communications
CONNECTION RANDOLPH - Randolph Communications
www.hlstoneworld.com.au - HL Stone World
www.hlstoneworld.com.au - HL Stone World
Producing accessible materials for print and online - AbilityNet
Producing accessible materials for print and online - AbilityNet
More fun - The Waterfront Beach Resort
More fun - The Waterfront Beach Resort
2019 FEDEX RATE INCREASE - VIProcure
2019 FEDEX RATE INCREASE - VIProcure
A Report on NSS Day Celebrations Conducted on 23, 24-09-2020 (Youth Festival)
A Report on NSS Day Celebrations Conducted on 23, 24-09-2020 (Youth Festival)
2021 Media Information - Tank Container Magazine
2021 Media Information - Tank Container Magazine
Click to edit Master title style - Budget Scrutiny Strategic Transport & Infrastructure
Click to edit Master title style - Budget Scrutiny Strategic Transport & Infrastructure
PAYROLL PROCEDURES FOR HIGH EARNERS CONTRIBUTING TO THE NEW BRUNSWICK PUBLIC SERVICE PENSION PLAN - DECEMBER 2017
PAYROLL PROCEDURES FOR HIGH EARNERS CONTRIBUTING TO THE NEW BRUNSWICK PUBLIC SERVICE PENSION PLAN - DECEMBER 2017
SOCIAL COMPANION/ADOPTION DOG APPLICATION
SOCIAL COMPANION/ADOPTION DOG APPLICATION
Donegal English Language School - Learn the Language | Live the Adventure - Family Programme 2021 - Sprachenmarkt
Donegal English Language School - Learn the Language | Live the Adventure - Family Programme 2021 - Sprachenmarkt
Changing Flexibility Requirements & New Resourcs - DOE Solar Energy Technology Office Summit, Oakland
Changing Flexibility Requirements & New Resourcs - DOE Solar Energy Technology Office Summit, Oakland
Rakuten Research Profile - Japan Your leading data and market research provider in
Rakuten Research Profile - Japan Your leading data and market research provider in
Global cloud services spending exceeded US$47 billion in Q2 2021
Global cloud services spending exceeded US$47 billion in Q2 2021
EMPLOYERS WHO ARE CURRENTLY HIRING (Upated 3/30) - Palmetto Goodwill
EMPLOYERS WHO ARE CURRENTLY HIRING (Upated 3/30) - Palmetto Goodwill
2021 Carrier General Rate Increase (GRI): A Year Like No Other - 3 Mistakes You Don't Want to Make with the GRI - VeriShip
2021 Carrier General Rate Increase (GRI): A Year Like No Other - 3 Mistakes You Don't Want to Make with the GRI - VeriShip
We use cookies. Please refer to the Privacy Policy.