2 May, 2018

GDPR and API Security

  • Ishara Naotunna
  • Product Marketing Manager - IAM - WSO2
On-Demand Webinar

GDPR and API Security

Wednesday, May 02, 2018
Webinar Slides

If your organization collects, stores or otherwise processes the data of individuals who live in the European Union (EU), the General Data Protection Regulation (GDPR) affects you. The primary responsibility for GDPR compliance lies with the controller (those who collect data). However, processors (usually API management and mediation platforms) are equally liable for how they handle data. So your API management solution also needs to comply with the regulations of GDPR.

API gateways can be perfectly positioned to address GDPR because it protects both data and user access at the point at which it enters and leaves the systems. This is very efficient because it ensures that security is embedded within the API itself, and not the apps that access the API. This allows app developers to focus on improving the functionality of their applications because they know API security is already taken care of.

In this webinar we will discuss how GDPR affects an API management solution. The following topics will be covered:

  • The role of API management in a GDPR compliant solution
  • How GDPR effects API management
  • Principles relating to personal data processing and security of processing
  • Data protection by design and by default


Sanjeewa Malalgoda Senior Technical Lead, WSO2

Sanjeewa Malalgoda is a key member of the WSO2 API Manager team since its inception. He is a well-versed consultant who has been actively involved in designing and building API management solutions for WSO2 customers including many Fortune 500 companies. He has also spoken at numerous conferences related to API management.


About Author

  • Ishara Naotunna
  • Product Marketing Manager - IAM
  • WSO2