Story image

How every business can benefit from GDPR compliance

18 Jul 18

GDPR regulations are transforming the way businesses operate both online and offline around the world. While most organisations can find the road to compliance expensive and complex, the long-term opportunities are plentiful when the process is managed in the right way. This involves rolling up sleeves, diving deep into data protection and changing the way that teams and individuals think about personal data.

At its very heart, GDPR is all about protecting customer and employee data. It requires organisations to adopt stricter protection policies, to document how they store, use and share personal data and review data governance principles regularly to ensure compliance. In essence, companies will not only need to manage huge volumes of data but also enable a cultural shift in order to ensure the door remains locked to breaches and a solid reputation remains intact.

Opportunities to build consumer engagement while saving costs

There are many misconceptions when it comes to GDPR. New data privacy culture has become one of the most intricate debates happening around the world as it weighs notions of ethical and professional practice. How an organisation deals with GDPR compliance will depend on how it is utilising data, the industry it is operating in, and how and where that data is stored.

For GDPR compliant companies, the opportunities and competitive advantages are clear. Not only will they avoid the hefty penalties inflicted for non-compliance, but they will be well on their way to building authentic, transparent relationships with customers and a more people-centric business.

In a survey with 1,000 UK consumers, 62 percent said their confidence about sharing data with businesses has been improved by the incoming laws. In the same report 80 percent of consumers would be very or moderately comfortable with sharing data about their interests for marketing purposes.

While consumers are clearly aware of the drastic changes that are happening within companies, they’re also recognising the shifts in regulations are in fact to enforce cybersecurity and privacy. On the other hand, for a business, by implementing the right compliance design principles and collecting only relevant data, they can streamline and eliminate data storage and collection processes, prevent data breaches and cyber-attacks, and reduce costs significantly.

A simple process change just won't cut it

GDPR legislation demands an organisational shift across all departments, from legal to sales and marketing to IT. And the fact is that simple process change won't quite cut it. Even with digital platforms such as Facebook, followed by many other businesses, moving quickly towards an educational approach with their customers on revised data collection and privacy policies. It is still surprising to learn how complacent the majority of individuals and businesses remain when it comes to data security.

The good news is that there is an evident rise in employees understanding their role in protecting data and who are aware that privacy issues are a very real risk now that GDPR is firmly in place. Despite the challenges ahead, it appears IT professionals generally support the regulations, with 65 percent of UK respondents of a Spiceworks survey saying they are in favour of the GDPR.

For any business, building a GDPR framework will be an ongoing process that begins with induction and education. This should be reinforced routinely and whenever any data protection issues occur. From creating personalised staff awareness workshops to investing in business automation and data protection solutions, there are many ways a company can raise awareness and create a robust framework for the compliance.

As the saying goes, Rome wasn’t built in a day, therefore, GDPR cannot be a process that is shaped overnight. It requires a long-term commitment to cultural change, continue to educate and be vigilant; the entire organisation has to be on-board with responsible and compliant collection and treatment of data. 

Though, it’s important to remember that with change comes opportunity. The businesses of the future will approach GDPR mandate as a chance to reimagine compliance and prove their business can succeed. Those with foresight will grab the best opportunities.

 Article by Unit 4 A/NZ country manager and sales director Chris Tithof.

Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t. 
Pitfalls to avoid when configuring cloud firewalls
Flexibility and granularity of security controls is good but can still represent a risk for new cloud adopters that don’t recognise some of the configuration pitfalls.
Securing hotel technology to protect customer information
Network security risks increase exponentially as hotels look to incorporate newer technologies to support a range of IoT devices, including smart door locks.
Why total visibility is the key to zero trust
Over time, the basic zero trust model has evolved and matured into what Forrester calls the Zero Trust eXtended (ZTX) Ecosystem.