Latest News

Greenbone Networks becomes only GDPR-compliant provider of cloud vulnerability management services

Company moves to German cloud provider as EU-US Privacy Shield agreement comes to an end

Greenbone Networks, a leading provider of IT network vulnerability management solutions, today announced it has moved its servers to a German-based cloud provider, making Greenbone the only provider of GDPR-compliant, cloud-based vulnerability management services. This move comes as Greenbone reacts to the termination of the transatlantic data protection agreement, the EU-US Privacy Shield, which came to an end on 9th November, 2020.

Previously, Greenbone’s cloud-based services were hosted elsewhere in the EU, via an Azure platform. In order to conform with European data protection regulations for its customers, while at the same time prevent access by US authorities, Greenbone elected to switch to a German-based hosting provider. All of the new provider’s data centre operations are located within Germany and are all certified according to ISO 27001, ISO 9001 and PCI DSS regulations.

The European Court of Justice (ECJ) declared the EU-US Privacy Shield – in which American organisations pledged to comply with European data protection principles – invalid on 16th July 2020. This follows the passing of the CLOUD Act by President Trump in March 2018, in which US organisations are required to release data to US authorities, regardless of where the data is stored. As GDPR regulations prohibit disclosure of any data, including data held by US-owned companies, the ECJ ruled that the Privacy Shield could not guarantee the agreed standards of data protection, as it would be undermined by the CLOUD Act.

“Our top priority is to guarantee our customers have maximum security when using our solutions,” said Elmar Geese, COO at Greenbone Networks. “Our systems process sensitive data from customer networks, so keeping it safe is paramount, particularly for compliance and data protection reasons. The move to a German-based hosting provider enables us to guarantee the highest level of data protection and legal security for our customers as we comply 100 percent with European GDPR regulations.”

Flexibility with maximum security

Greenbone has been offering its vulnerability management solution as a cloud-based service for the past year, in addition to its standard physical and virtual appliances. With Greenbone Cloud Services, customers can perform vulnerability analyses of their networks without the need for their own hardware, software or in-depth IT security knowledge. This is particularly crucial for small- to mid-sized businesses that have limited in-house IT teams as well as for organisations that need the ability to scale.

Currently, there are only a few providers which offer vulnerability management as a cloud-based service, with Greenbone the only one to offer services that are 100 percent GDPR compliant. Elmar Geese added: “For the first time, European companies looking for vulnerability management services via the cloud will have a secure and compliant option, even after the end of the Privacy Shield.”