{"id":639,"date":"2018-02-23T17:34:03","date_gmt":"2018-02-23T17:34:03","guid":{"rendered":"https:\/\/live-infoblox-blog.pantheonsite.io\/?p=639"},"modified":"2020-05-06T10:27:08","modified_gmt":"2020-05-06T17:27:08","slug":"part-2-4-practical-advice-to-network-and-security-operations","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/","title":{"rendered":"[Part 2\/4] Practical Advice to Network and Security Operations Pros Regarding GDPR Compliance"},"content":{"rendered":"<p>This is the second in a four-part blog series. You can find the first part\u00a0<a href=\"\/community\/part-1-4-practical-advice-to-network-and-security-operations\" target=\"_self\" rel=\"noopener noreferrer\">here<\/a>.<\/p>\n<h1 id=\"toc-hId-474173170\">Part 2 &#8211; Architecture Review<\/h1>\n<p>While network security is not the focus of the GDPR, without it there would inevitably be security incidents and events, some of which would lead to data breaches. Many organisations are working through the legal and process aspects to data handling, along with the underlying IT controls and policies. Inevitably architectural decisions are being influenced by the GDPR and in some organisations security projects must be linked to the GDPR in order to go ahead.<\/p>\n<p>As a result, the GDPR both represents an extra consideration and an opportunity when it comes to architecting network security. Data protection regulations have been around for many years, the intention of GDPR is to improve and unify the situation for EU residents\u2014it is not suddenly a new thing. It does, however, tighten up regulation or place greater emphasis on certain aspects of network security.<\/p>\n<p>The Forrester Report \u201c<a href=\"https:\/\/www.forrester.com\/report\/Brief+You+Need+An+Action+Plan+For+The+GDPR\/-\/E-RES136242\" target=\"_self\" rel=\"nofollow noopener noreferrer\">You Need An Action Plan For The GDPR<\/a>\u201d\u00a0<sup>ref 1<\/sup>\u00a0has a couple of points relevant to this:<\/p>\n<ul>\n<li>#3 \u201cPrivacy-by-design will be the biggest challenge to address\u201d<\/li>\n<li>#5 \u201cProviding evidence of risk mitigation counts as much as securing data&#8221;<\/li>\n<\/ul>\n<p>Most architecture diagrams in a GDPR context are focused (quite rightly) on data loss prevention. What seems to be missing is the DNS component. No one can doubt any longer that DNS is a threat vector involved in malware activity, ranging from communication with command and control centre(s) through to data exfiltration. Estimates are around 90% of malware activity involves DNS and there have been many widely published security incidents related to DNS in the mainstream media.<\/p>\n<p>Budgets are not unlimited, and no organisation is going to implement every security measure that has a GDPR sticker on it. However, most organisations already have a DNS service today and many of them are reviewing its implementation and assessing its role in network security. Organisations need to take a view on the role of DNS and consciously rule in or out what they will do about it in a security context. This is where an architecture review comes in. As most network communication begins with a DNS lookup, DNS affects the entire network.<\/p>\n<p>Below is an illustration\u00a0of how DNS is exploited at the different stages of the \u201ccyber kill chain\u201d.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-642\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/dns-exploitation-in-cyber-kill-chain.png\" alt=\"DNS Exploitation in the Cyber Kill Chain\" width=\"600\" height=\"302\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dns-exploitation-in-cyber-kill-chain.png 600w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/dns-exploitation-in-cyber-kill-chain-300x151.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/p>\n<p>Review the above to determine if your network security \u201cprivacy by design\u201d addresses each of these stages. You may have it covered (do test!) so add your considered risk assessment to your architecture design documentation. Check that you have evidence these known means of exploitation are monitored, for instance, syslog messages containing queries for domain names that are known indicators of compromise (IOCs).<\/p>\n<p>This breaks down into the following Architecture Review checklist:<\/p>\n<ul>\n<li>Check if good DNS implementation practice is in place\n<ul>\n<li>The ability to control DNS communication \u2013 see below for further discussion<\/li>\n<\/ul>\n<\/li>\n<li>Understand\/Review how DNS is exploited:\n<ul>\n<li>Check DNS Registrar security around the authorisation of changes (is it two- factor?)<\/li>\n<li>Do you have any DDoS mitigation?<\/li>\n<li>Is there a process to deal with a malware \u201ckill switch\u201d?<\/li>\n<li>Is there anything blocking malware C&amp;C communication via DNS?<\/li>\n<\/ul>\n<\/li>\n<li>Exfiltration of data via DNS\n<ul>\n<li>Test querying IOCs, such as domain names associated with\u00a0<u>current<\/u>\u00a0threats<\/li>\n<li>Test (unauthorised) data exfiltration\/tunneling via DNS (don\u2019t assume you have this covered)<\/li>\n<\/ul>\n<\/li>\n<li>Document review and DNS risk assessment<\/li>\n<\/ul>\n<p>Regardless of the technology, you should have DNS implemented so that only your authorised (i.e. known and managed) DNS servers can communicate with the outside world. Specific steps you can take include:<\/p>\n<ol>\n<li>Checking your firewall rules<\/li>\n<li>Examining how DNS can act as a control point, providing security based on signature, reputation and behavioural techniques such as machine learning. This looks something like the illustration below<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-641\" src=\"https:\/\/live-infoblox-blog.pantheonsite.io\/wp-content\/uploads\/creating-a-choke-point-for-dns-security-controls.png\" alt=\"Creating a Choke Point for DNS Security Controls\" width=\"600\" height=\"336\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/creating-a-choke-point-for-dns-security-controls.png 600w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/creating-a-choke-point-for-dns-security-controls-300x168.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/>The choke point gives you control and stops shadow IT DNS implementations. It can also act as a source of valuable security data.The choke point, and other internal DNS systems, can implement security based on:<strong><em>Signatures<\/em><\/strong>\u00a0&#8211; Blocking malicious or malformed packets or even known DNS tunnel signatures. It can do this at volume before queries reach the DNS process itself. It will be done partially at a network level via firewall rules\/ACLs and may be added to using the DNS server itself with a greater \u201cprotocol aware\u201d ruleset.<strong><em>Reputation<\/em><\/strong>\u00a0&#8211; Blocking queries to malicious domain names and\/or IP addresses. DNS scales well with low processing impact and can be used to block millions of domain names, something firewalls can struggle with. By setting policies on a domain or IP address, during DNS resolution the good is allowed and the bad is blocked. This is called Response Policy Zones (RPZ); you can\u00a0listen to a podcast by\u00a0<a href=\"https:\/\/community.infoblox.com\/t5\/Security-Blog\/Podcast-Cricket-Liu-and-Paul-Vixie-Take-a-Deeper-Dive-on-DNS-and\/ba-p\/11733\" target=\"_self\" rel=\"noopener noreferrer\">Cricket Liu and Paul Vixie<\/a><sup>ref 2<\/sup>\u00a0explaining how this works.\n<p><strong><em>Behaviour<\/em><\/strong>\u00a0&#8211; Identifying malicious activity over multiple DNS queries. This is increasingly necessary rather than waiting for an indicator based on reputation or the format of a single packet. A newly registered domain, for instance, may have no reputation associated with it that can be inferred from a registrant or reverse engineered by analysing a Domain Generation Algorithm.<\/li>\n<li>Lastly, but importantly, if the DMZ DNS service is the only one able to communicate with the outside world and the authorised internal DNS servers are the only ones able to send DNS queries to the DMZ, then you gain\u00a0<strong>visibility<\/strong>\u00a0of the endpoints making malicious queries. This enables you to identify potentially compromised systems, scan or quarantine them and determine the potential scope\/impact of the malicious activity. This is applicable to all devices, whether traditional network attached hosts, virtual hosts or IoT stuff.<\/li>\n<\/ol>\n<p>One thing to bear in mind is that the GDPR does not mandate breaking the bank, as Article 25 begins \u201cTaking into account the\u00a0<strong>state of the art<\/strong>,\u00a0<strong>the cost of implementation<\/strong>&#8230;\u201d. Reducing risk is better and less costly than fixing problems. Even without 802.1x access control, through a DHCP hack an organization could identify corporate devices and hence provide an IP address to valid hosts or log non-corporate devices as a security issue while denying them an IP address. Not foolproof, but security by design and default on a budget!<\/p>\n<p>With GDPR in mind, the recommendation is to review architecture and consciously make risk-based decisions on where money should be invested or not. Document the decisions and the reasons behind them, you then have the paper trail if the worst happens.<\/p>\n<p>If you want to understand more about\u00a0<a href=\"https:\/\/www.infoblox.com\/products\/secure-dns\/?utm_source=blox-community&amp;utm_campaign=community-q2&amp;utm_medium=blox-community\" target=\"_self\" rel=\"nofollow noopener noreferrer\">DNS security<\/a>\u00a0or need assistance in architecture review or testing,\u00a0<a href=\"http:\/\/info.infoblox.com\/contact-sales?utm_source=blox-community&amp;utm_campaign=community-q2\" target=\"_self\" rel=\"nofollow noopener noreferrer\">Infoblox is here to help<\/a>.<\/p>\n<p>This blog is part of a four-part blog series.\u00a0Please find the links to other parts below.<\/p>\n<ul>\n<li>Part 1 &#8211; <a href=\"\/community\/part-1-4-practical-advice-to-network-and-security-operations\/\" target=\"_self\" rel=\"noopener noreferrer\">Introduction<\/a>\u00a0&#8211; Introduce the implications of GDPR to network and security professionals<\/li>\n<li>Part 2 &#8211;\u00a0<a href=\"\/community\/part-2-4-practical-advice-to-network-and-security-operations\/\" target=\"_self\" rel=\"noopener noreferrer\">Architecture review<\/a>\u00a0&#8211; Identify and reduce risk, focusing on DNS as a point of control and visibility.<\/li>\n<li>Part 3 &#8211;\u00a0<a href=\"\/community\/part-3-4-practical-advice-to-network-and-security-operations\/\" target=\"_self\" rel=\"noopener noreferrer\">Support of security operations<\/a>\u00a0&#8211; Assess the impact of potential malicious network activity along with information sharing, enriching context and signaling between security tools.<\/li>\n<li>Part 4 &#8211;\u00a0<a href=\"\/community\/part-4-4-practical-advice-to-network-and-security-operations\/\" target=\"_self\" rel=\"noopener noreferrer\">Governance around DDI data<\/a>\u00a0&#8211; DDI data really helps in terms of network security but some of it will fall under the GDPR as some DDI data relates to a person.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>This is the second in a four-part blog series. You can find the first part\u00a0here. Part 2 &#8211; Architecture Review While network security is not the focus of the GDPR, without it there would inevitably be security incidents and events, some of which would lead to data breaches. Many organisations are working through the legal [&hellip;]<\/p>\n","protected":false},"author":213,"featured_media":640,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[3],"tags":[28,43],"class_list":{"0":"post-639","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-community","8":"tag-ddi","9":"tag-gdpr","10":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>[Part 2\/4] Practical Advice to Network and Security Operations Pros Regarding GDPR Compliance<\/title>\n<meta name=\"description\" content=\"This is the second in a four-part blog series. You can find the first part\u00a0here.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"[Part 2\/4] Practical Advice to Network and Security Operations Pros Regarding GDPR Compliance\" \/>\n<meta property=\"og:description\" content=\"This is the second in a four-part blog series. You can find the first part\u00a0here.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-02-23T17:34:03+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-06T17:27:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/iotblogmonday.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"660\" \/>\n\t<meta property=\"og:image:height\" content=\"454\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jim Mozley\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jim Mozley\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/\"},\"author\":{\"name\":\"Jim Mozley\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/0b615219b32a2c6209c9028af8b9ea10\"},\"headline\":\"[Part 2\\\/4] Practical Advice to Network and Security Operations Pros Regarding GDPR Compliance\",\"datePublished\":\"2018-02-23T17:34:03+00:00\",\"dateModified\":\"2020-05-06T17:27:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/\"},\"wordCount\":1216,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/iotblogmonday.jpg\",\"keywords\":[\"DDI\",\"GDPR\"],\"articleSection\":[\"Community\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/\",\"name\":\"[Part 2\\\/4] Practical Advice to Network and Security Operations Pros Regarding GDPR Compliance\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/iotblogmonday.jpg\",\"datePublished\":\"2018-02-23T17:34:03+00:00\",\"dateModified\":\"2020-05-06T17:27:08+00:00\",\"description\":\"This is the second in a four-part blog series. You can find the first part\u00a0here.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/iotblogmonday.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/iotblogmonday.jpg\",\"width\":660,\"height\":454},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/community\\\/part-2-4-practical-advice-to-network-and-security-operations\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Community\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/community\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"[Part 2\\\/4] Practical Advice to Network and Security Operations Pros Regarding GDPR Compliance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/0b615219b32a2c6209c9028af8b9ea10\",\"name\":\"Jim Mozley\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_213_1744659534-96x96.jpg\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_213_1744659534-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_213_1744659534-96x96.jpg\",\"caption\":\"Jim Mozley\"},\"description\":\"Jim Mozley has managed TLD and Protective DNS services that are part of the UK Critical National Infrastructure and TLDs for major global tech companies and brands. Jim has a long history with DNS (and DHCP &amp; IP Address Management), working with customers on implementation, migrations, education, bespoke development, integration, and DNS related threat intelligence. In his current role, Jim works on supporting customers in the intersection of security, regulatory compliance and technical standards. He truly believes that it always starts with DNS and Jim is passionate about using it as a foundational layer of network security. It might be the firewall, but it\u2019s probably DNS.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/jim-mozley\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"[Part 2\/4] Practical Advice to Network and Security Operations Pros Regarding GDPR Compliance","description":"This is the second in a four-part blog series. You can find the first part\u00a0here.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/","og_locale":"en_US","og_type":"article","og_title":"[Part 2\/4] Practical Advice to Network and Security Operations Pros Regarding GDPR Compliance","og_description":"This is the second in a four-part blog series. You can find the first part\u00a0here.","og_url":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/","og_site_name":"Infoblox Blog","article_published_time":"2018-02-23T17:34:03+00:00","article_modified_time":"2020-05-06T17:27:08+00:00","og_image":[{"width":660,"height":454,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/iotblogmonday.jpg","type":"image\/jpeg"}],"author":"Jim Mozley","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Jim Mozley","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/"},"author":{"name":"Jim Mozley","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/0b615219b32a2c6209c9028af8b9ea10"},"headline":"[Part 2\/4] Practical Advice to Network and Security Operations Pros Regarding GDPR Compliance","datePublished":"2018-02-23T17:34:03+00:00","dateModified":"2020-05-06T17:27:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/"},"wordCount":1216,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/iotblogmonday.jpg","keywords":["DDI","GDPR"],"articleSection":["Community"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/","url":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/","name":"[Part 2\/4] Practical Advice to Network and Security Operations Pros Regarding GDPR Compliance","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/iotblogmonday.jpg","datePublished":"2018-02-23T17:34:03+00:00","dateModified":"2020-05-06T17:27:08+00:00","description":"This is the second in a four-part blog series. You can find the first part\u00a0here.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/iotblogmonday.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/iotblogmonday.jpg","width":660,"height":454},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/community\/part-2-4-practical-advice-to-network-and-security-operations\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Community","item":"https:\/\/www.infoblox.com\/blog\/category\/community\/"},{"@type":"ListItem","position":3,"name":"[Part 2\/4] Practical Advice to Network and Security Operations Pros Regarding GDPR Compliance"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/0b615219b32a2c6209c9028af8b9ea10","name":"Jim Mozley","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_213_1744659534-96x96.jpg","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_213_1744659534-96x96.jpg","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_213_1744659534-96x96.jpg","caption":"Jim Mozley"},"description":"Jim Mozley has managed TLD and Protective DNS services that are part of the UK Critical National Infrastructure and TLDs for major global tech companies and brands. Jim has a long history with DNS (and DHCP &amp; IP Address Management), working with customers on implementation, migrations, education, bespoke development, integration, and DNS related threat intelligence. In his current role, Jim works on supporting customers in the intersection of security, regulatory compliance and technical standards. He truly believes that it always starts with DNS and Jim is passionate about using it as a foundational layer of network security. It might be the firewall, but it\u2019s probably DNS.","url":"https:\/\/www.infoblox.com\/blog\/author\/jim-mozley\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/639","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/213"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=639"}],"version-history":[{"count":6,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/639\/revisions"}],"predecessor-version":[{"id":1943,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/639\/revisions\/1943"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/640"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=639"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=639"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=639"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}