Top American banks have significant gaps in GDPR website compliance

GDPR affects all companies that engage with EU citizens, even if they have no physical presence in the EU, but a new study reveals that some major US firms still have websites that don’t comply.

The research by digital threat management company RiskIQ looks at 25 of the 50 largest banks in the US (as of 2017) and finds significant security gaps in personally identifiable information (PII) collection.

Per organization, RiskIQ has identified an average of 1,891 insecure login forms, 1,663 pages collecting PII insecurely, 1,326 EU first-party cookie violations and 1,265 EU third-party cookie violations.

"PII discovery, inventory, and compliance assessment is one of the major tasks for GDPR project teams. In our experience, most security and compliance teams have only partial visibility of the websites owned by their organization. They are left to engage users across the business in an effort to uncover them. And once they have compiled that list, inspecting tens of thousands of web pages is labor intensive and prone to error," says Lou Manousos, CEO of RiskIQ. "The new PII/GDPR analytics feature in RiskIQ Digital Footprint automates the once cumbersome and often inaccurate process of ongoing website PII discovery and assessment, helping to more efficiently support compliance obligations for large enterprises and multinational organizations."

RiskIQ is launching a Digital Footprint tool that helps companies address the GDPR challenge by actively discovering, creating and assessing an interactive inventory of public-facing web assets, including sites, applications, and infrastructure, connected to an organization. A PII/GDPR analytics feature automatically highlights web pages where personal data is being solicited, including login forms, data collection forms, and persistent cookies.

You can find out more about the Digital Footprint tool on the RiskIQ site and the company is hosting a webinar on GDPR compliance on November 28th.

Image credit: kenary820 / Shutterstock

Comments are closed.

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.