GDPR: Risks vs Results

Take a comprehensive look at the different stipulations of looming GDPR laws and find out whether they will limit or liberate your sales efforts.

General Data Protection Regulation (GDPR) is set to come into force in May 2018 and will be a game-changer in terms of how organisations handle personal data.

The new regulation looks to shift control of personal data back to its owner, that means usernames, location data, IP addresses, passwords – everything. This will spell significant changes to how your customers are required to store, process, and analyse personal data. It could mean a potential overhaul of their privacy compliance programmes, IT systems, and infrastructure.

This blog will look at common partner concerns surrounding GDPR and which elements of Tech Data and Microsoft’s rich product portfolio can help turn them into opportunities. Navigate through the process, help your customers to remain compliant, and implement best practices around the data management with the Microsoft suite.

Concern: Data confusion

Your customers are faced with exponential amounts of data, entering the business from a wide range of sources. Most data is categorised as unstructured data, and is dispersed across the organisation, sitting in network drives, inboxes and mobile devices. It can be an overwhelming task for a business to understand what data they hold on an individual, where it’s located and whether it is protected.

Data confusion = Opportunity

Discovery is the first stage. Through audits, consultancy and the right technology solutions, you can help your customers to discover what personal data they hold on individuals, where it is located, and ensure it is adequately protected.

With regards to auditing and visibility, Dynamics 365 and its Reporting and Analytics dashboards are powerful tools to equip your customers with.

Plus, the Enterprise Mobility + Security Suite provided by Microsoft makes use of identity-driven technologies that help your customers to discover, control, and safeguard personal data, while Microsoft Azure Information Protection helps them to identify what sensitive data is and where it resides.

Concern: ‘Denial of Service Week’

One worry for organisations is that, come 25 May 2018, there will be thousands of requests made by members of the public regarding their data. Some organisations could be swamped by requests, which will be a major challenge, especially for smaller businesses, or those operating with limited resources.

The customer-controlled data access functions of Office 365’s Customer Lockbox can be of great assistance here, providing people-centric security systems.

But any company that stores sensitive information about any individual needs to act to ensure that they meet GDPR’s requirements and respond to those requests within a set period.

Opportunity = ‘Denial of Service Week’

By working to discover and define what data your customers have, you can actually gain a competitive advantage in the market with a better insight into their own business and customers.

Partners can initiate conversations around business analytics solutions, and more importantly, ensure the customer adheres to best practices around data security with the appropriate digital security policies in place.

Microsoft Power BI for example, is self-service business intelligence platform capable of discovering, analysing and visualising data. It also allows you to share any insights gleaned with your team members, customers or colleagues.

Concern: Strict penalties

Non-compliance can lead to harsh penalties under GDPR. Organisations that suffer a data breach can incur a fine of up to four percent of their annual global turnover, or €20 million, whichever is greater. After next May, failure to disclose any serious data breaches to the relevant authorities, and the victim of the breach, can result in a €10 million fine or two percent of their revenues.

Therefore, the consequences of any data loss could be financially devastating for your customers – in addition to loss of regulation and customers.

Opportunity = Strict Penalties

There is an assumption that the regulators will immediately come calling on any business that hasn’t met the GDPR requirements by the deadline. However, the ICO is likely to adopt a pragmatic approach to the situation, and organisations that are putting effort into achieving compliance.

There is a fantastic opportunity for the channel to help their customers document everything they have done at a technical and policy level to show due diligence in the run-up to GDPR.

When it comes to successfully managing access to personal data, look no further than Office 365 and its Data Loss Protection (DLP) features. These can identify over 80 common sensitive data types, whether they be financial, medical, or some other form of personally identifiable information.

Conclusion

Despite customers’ concerns, GDPR is ultimately an opportunity for organisations to assess and improve their data processing operations, and to reap the rewards of partnering with Tech Data and Microsoft.

For the channel, GDPR is an opportunity to get closer to customers, advising them on the risks and opportunities that the new regulation can deliver.

While one advantage may be finally convincing customers to commit to investing more in digital security, the real benefit is that resellers can strengthen their position as a trusted advisor, solidify existing relationships, and add more value to what they currently offer the customer.

Our entire product range – across Azure, Dynamics, EM+S and Office 365 – have security features to help keep customer data secure, both in the cloud and on premises. Providing your customers with a watertight network and data security is integral to building a strong foundation of trust with them, which will in turn enable you to enjoy a fruitful relationship in the long-term, with healthy looking sales performance figures to match.

Takeaways

  • Overall, GDPR looks to shift control of personal data back to its owner.
  • Organisations today are faced with exponential amounts of (mostly unstructured) data, but IT providers can help them discover what personal data they hold on individuals, as where it is located, and whether or not it is protected adequately.
  • Non-compliance under GDPR will lead to harsh penalties. The consequences of which would prove financially devastating for any business.
  • By working to discover and define the data they own, resellers can actually gain a competitive advantage in the market with a better insight into their customers.
  • GDPR is ultimately an opportunity for organisations to assess and improve their data processing operations, and for resellers to strengthen their customer relationships.

Visit the Microsoft hub