The Personal Data Protection Act (PDPA), which came into full effect on June 1st, stipulates that Personal Data Security refers to the confidentiality, integrity, and availability of personal data. Organizations that handle personal data must take steps to prevent any loss, unauthorized or unlawful access, use, change, amendment or disclosure of the personal data. There must be safeguards to cover the administrative, technical, and physical risks, so organizations in Thailand are now investing in people, process and technology - the three resources necessary to create the desired outcomes of the PDPA journey.
The challenge becomes tougher after the pandemic; when Work-From-Anywhere model is prevalent and remote connections to access sensitive data and applications in the organization are critical. With the PDPA in force, modern organizations have to put more priority on effective tools that allow secure, robust network access control and multi-factor authorization policy management. This is a delicate, complex, and time-consuming implementation process. Technology and tools are the largest components of the data protection budget for many companies, and business leaders must plan ahead to invest in data privacy controls especially given that the PDPA effective date has passed.
Fortinet, the world leader in cybersecurity, today introduces a quick way to help small and medium-sized enterprises have a headstart in complying with the Act faster and easier. The "2 + 1" formula consists of two key solutions, FortiGate1 and FortiSIEM2, together with one additional feature, two-factor authentication (2FA) which needs the token software installed on smartphone. SMEs, and even large enterprises, can easily adopt 2FA with Fortinet's zero trust access solution, that can thoroughly address the data security protection issue that most organizations are concerned about.
The advanced next-generation firewall FortiGate and FortiSIEM offer comprehensive range of functionalities that comply with security measures of PDPA as follows:
Fortinet's solution has the unique advantage that the 2FA feature can be enabled with Mobile Token instantly on the FortiGate firewall appliance. Organizations that are using the FortiGate firewall just need to purchase licenses for the additional 2FA feature. This is a simple and effective method that enterprises can provide multi-level authentication with their corporate accounts confidently. It's more seamless, convenient, and cost-effective, allowing enterprises to rapidly accelerate their PDPA compliance journey.
Dr. Rattipong Putthacharoen, Senior Manager Systems Engineering Department of Fortinet explains "Many Fortinet devices already have a number of personal data protection capabilities. This means customers who are currently using FortiGate firewall can turn on the embedded data protection functions to comply with requirements in PDPA. Fortinet launches the new "2 + 1" formula to educate the customers that they shall focus on necessary technical solutions that help them meet the general PDPA requirements. It can be a faster starting point in constructing PDPA-supported processes. After that, the organizations can opt to gradually expand their security capabilities according to their business needs, with step-by-step security risks reduction without increasing the burden on the IT team."