INFORMATION SECURITY

Companies are exposed to human error. Users of corporate data assets, across categories, departments and hierarchical positions, can therefore be the greatest risk to the information stored in corporate systems. It is necessary to formalize policies and terms of use for those systems and to train staff intensively in data security. With policies, rules of use and functionality segregated by user type and purpose in place, the company can and should apply continuous monitoring to detect possible violations of those policies and rules, and so act to prevent leakage or inappropriate use of data.

imagens-q-radar-v2-01 copy.png

Attackers are also a major security risk for organizations. Using social engineering or technical means aimed at capturing information, they damage systems and databases or hijack data for misuse or ransom demands. It is extremely important to be prepared to counter such actions while keeping information security intact.

In MD2 Quality Manager, MD2 offers model processes for formalizing data use policies, categorizing users and establishing rules per job function, covering information security, the scope of access and the types of actions permitted on data assets. MD2 Quality Manager also formalizes the processes for responding to information security incidents and provides guidance for handling them and, where necessary, for communicating with the data privacy roles: the DPO, company management, the ANPD and the data subjects themselves. These processes are then transcribed into monitoring rules in specialized software (IBM QRadar), which enforces the policies so that any deviation, whether an intentional breach, a negligent breach or the capture of a legitimate user's identity, is detected quickly and risk mitigation action plans can be triggered.


IBM QRadar and MD2 Quality Manager work together to detect and prioritize threats and to integrate the LGPD compliance and information security teams. Every event involving an incident related to personal data is notified and linked to the formalized processes and the asset use policies, so that a formal treatment is recorded, meeting the LGPD's requirement to establish reasonable mechanisms for defending the data subjects' data.

IBM QRadar monitors users' day-to-day activities against the policies defined by the organization's business rules, identifying unusual behavior and tracking each user's risk score. A user's risk score is based on his or her actions; certain actions generate a higher risk to the organization and are promptly notified to the teams involved. Certain conditions related to data privacy are automatically notified in MD2 Quality Manager, so that the person in charge (the DPO) is aware of the behavior and follows up the applicable procedures.

In certain situations a user's credentials may be compromised, so it is essential to monitor with agile responses and, if necessary, to block access entirely to the organization's sensitive and privileged information.

img-seg-inf-002.png

The panels above illustrate an LGPD-related alert (offense) and the origins and targets of these threats.

img-seg-inf-003.png

This panel is used to monitor users' actions dynamically. As users perform atypical actions, the mechanisms and rules raise the Risk Score, as shown in the animation seen earlier, and when it passes the established limit an alert is generated for the security team (SOC, Security Operations Center) and the DPO.

img-seg-inf-004 copy.png

To monitor and track activities within the organization, integration with control sources such as DLPs, Active Directory and firewalls will be necessary. It will also be necessary to establish the company's policy, in the way it considers most reasonable for its organization, setting guidelines and controls. These events and policies will be monitored through security management.

img-seg-inf-005 copy.png

Based on the policies defined by the business areas, the security area will be responsible for enforcing the rules and thus following up on events as defined. A given rule may consist of one or more related events.
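As an added example (not code from MD2 or IBM, and a simplified model rather than QRadar's rule language), the following Python shows how rules built from one or more related events raise a per-user risk score and, once it passes the established limit, route an alert to the SOC and, where personal data was involved, to the DPO as well. The event sources, actions, rule names, scores and threshold are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events, as a SIEM might normalize them from
# DLP, Active Directory and firewall sources (hypothetical values).
EVENTS = [
    {"user": "alice", "src": "AD", "action": "login_after_hours"},
    {"user": "alice", "src": "DLP", "action": "usb_copy", "personal_data": True},
    {"user": "alice", "src": "DLP", "action": "usb_copy", "personal_data": True},
    {"user": "alice", "src": "Firewall", "action": "large_upload"},
    {"user": "bob", "src": "AD", "action": "login_after_hours"},
]

# A rule fires when every action in "needs" has been seen for the same user;
# single-event and multi-event rules share the same shape (simplified model).
RULES = [
    {"name": "after-hours login", "needs": {"login_after_hours"}, "score": 10},
    {"name": "after-hours login + removable media copy",
     "needs": {"login_after_hours", "usb_copy"}, "score": 40},
    {"name": "media copy followed by large upload",
     "needs": {"usb_copy", "large_upload"}, "score": 50},
]

THRESHOLD = 60  # constructed "established limit" for the risk score


def score_users(events, rules, threshold):
    """Correlate events per user, sum fired rules into a risk score and decide
    who is notified: SOC when the limit is passed, DPO too if personal data."""
    seen = defaultdict(set)
    personal = defaultdict(bool)
    for ev in events:
        seen[ev["user"]].add(ev["action"])
        if ev.get("personal_data"):
            personal[ev["user"]] = True
    results = {}
    for user, actions in seen.items():
        fired = [r["name"] for r in rules if r["needs"] <= actions]
        score = sum(r["score"] for r in rules if r["needs"] <= actions)
        notify = []
        if score >= threshold:
            notify.append("SOC")
            if personal[user]:
                notify.append("DPO")
        results[user] = {"score": score, "rules": fired, "notify": notify}
    return results


if __name__ == "__main__":
    for user, r in score_users(EVENTS, RULES, THRESHOLD).items():
        print(user, r)
```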

img-seg-inf-006.png

It is therefore very important to maintain this follow-up and continuous monitoring of all users, so that we can act proactively whenever necessary.

img-seg-inf-007 copy.png

Continuous monitoring can happen automatically and in an integrated way, generating notifications to the security team and to the privacy team for awareness and follow-up. It can also draw on the expertise of the security team, which identifies and reports possible strange behavior.

img-seg-inf-008 copy.png

For an efficient process it is essential to have everything well documented, and in case of any notification, incident, near incident or non-compliance, the team must be prepared to provide an agile and effective response. The picture above shows an example of the documentation usually called a playbook or runbook, which works as a standard operating procedure, establishing directives and guidelines for incident handling.

img-seg-inf-009.png

Incident response plans can be developed to assist and speed up all treatment and actions, applying contingency plans and reducing response time. Response plans can be derived from the treatment and risk controls already mapped within the organization, bringing efficiency and diligence to the company.

img-seg-inf-010 copy.png

IBM QRadar will centralize the events monitored within the organization, covering all users across groups, sectors and functions. In case of an incident or non-compliance involving personal data, the privacy team will be notified through MD2 Quality Manager, where it will follow up all procedures and promote continuous improvement within the organization and, depending on the incident, notify the National Authority (ANPD) and the affected data subjects.

video-seg-inf-md2-003.gif

On the path to compliance, the participation and engagement of all areas will be fundamental, promoting and building continuous improvement within the organization, adding value and bringing benefits to its assets.

LGPD Clinic: a complete project, prepared by a team of experts in the health segment!
