A recent independent survey revealed that 75% of organisations indicate they will struggle to be ready for the GDPR deadline in May 2018.
The survey on attitudes towards GDPR was conducted in May 2017, commissioned by Varonis and carried out by VansonBourne. Respondents were 500 IT decision makers of organisations with 1,000+ employees from the UK, France, Germany and the United States.
38% said that GDPR will mean more costs to their organisations. However, the threat of fines might be even more costly, and an additional 42% say that it’s not a priority for their businesses, even though those who fail to meet compliance could pay a considerable fine - with fines of up to 4% of global turnover (revenue).
32% said that it will add more complexity to their job. But meeting compliance is not a simple pass or fail, nor is it a check list. So where do we go from here?
In a recent interview on GPDR compliance, London-based partner at Mintz Levin Sue Foster advises the “show your work” principle. With GDPR, you should be able to justify your security plan based on the current state of security technology and document what you’ve done.
If we needed to simplify data obligations for companies, it would be these six points:
Varonis helps companies meet key GDPR requirements by identifying and classifying sensitive EU personal data, continuously monitor data access, and automatically streamlining a data retention and migration policy.
The feedback we are receiving from customers every day, is that one of the hardest tasks they face with GDPR is identifying what data is within scope of the regulations and where it's located on their network. One way we're helping them is with GDPR Patterns. Using Data Classification Framework as a base, GDPR Patterns can spot EU personal data patterns (we have over 150 of them!) – automatically discovering data that falls under GDPR, from license plates to blood type to passport numbers.
From there, this GDPR classification can be integrated into reporting, alerting, and monitoring – not to mention breach notification.
Here's how we can help you with GDPR readiness:
The first step is to set-up a free GDPR readiness assessment with Varonis and Softcat, where we will help you identify in-scope GDPR data, find excessive access to personal data, audit user activity, and work with you to identify and prioritise gaps in your GDPR readiness.
If your organisation would like to find out more about how we can help with your GDPR preparations, please contact your Softcat account manager or send us a message using the button below.
We would love to hear any comments you have about this article!