sb-au logo
Story image

Preparing the enterprise for GDPR and the era of data compliance and security

13 Nov 2017

From autonomous cars to intelligent smart home devices, the world around us is undergoing a fundamental change, transforming the way we experience the world. But one question remains uppermost in consumers’ minds—is my information safe?

Our access to mobile phones, the internet, sensor technology and other intelligent devices is causing a rapid growth in the data created, captured and analysed everyday – allowing authorities to be informed on social trends, city planning needs and to provide greater access to everyday services. Data has become critical to all our lives today and is the lifeblood of our rapidly growing digital existence.

Consumers and citizens enjoy the benefits of a digital existence, as the government and enterprises’ access to a wealth of data enables more innovation, better services and greater convenience. However, the challenge faced by businesses is how to navigate and manage this unprecedented amount of information, data and content-- which is multiplying at historic rates -- while still protecting the privacy and security of every customer.

There is a significant gap between the quantities of data being produced today that needs protection and the amount that is actually being secured by the enterprises that collect it - and the gap will only get wider in the future. Every week brings another headline about security breaches exposing thousands of records to possibly malicious use.

Inevitably, criminals and cyber-terrorists have been quick to recognize the opportunities presented by the ocean of data available to them, and the much of world’s regulatory authorities have responded by creating rules that formalise the steps enterprises must take to protect both customer and enterprise data.

As enterprises identify and service unique or critical data points to realize its vast potential, two crucial and interconnected factors will govern their actions. These are security and the need for regulatory compliance.

A key upcoming piece of legislation will force enterprises to develop new approaches to information management—the European Union’s General Data Protection Regulation. Slated for mandatory compliance by May 25, 2018, the GDPR places significant requirements across all organizations collecting data on European residents to closely manage and track the personal information they collect.The rules affect every entity both inside and outside of Europe that holds or uses personal data of covered individuals.

Every business will need to prove it handles personal data properly. Among other requirements, it will be necessary for companies to show consent to use data collected when required, delete data or correct errors and provide copies of data when asked. To fulfill these requirements, it will be vital to track all uses of personal data and protect the privacy of the individual.  

To help achieve this end, every company housing personal data collected on European residents will benefit from using an enterprise data lineage solution. These solutions can provide quick lineage reports of the source and use of data through the organization and provide on-the-spot auditing of all data flagged as personal. Without a data lineage solution, or something like it, your company may find itself halting business to provide manual reports to regulatory bodies.

Businesses in Singapore will likely be the most affected in Southeast Asia, since the country is the EU's largest commercial partner in ASEAN, accounting for slightly under one-third of EU-ASEAN trade in goods and services.

Complying with the GDPR and similar regulatory requirements such as Singapore’s PDPA is a significant challenge, not least because enterprises have typically locked up vital information in departmental silos, spread across legacy and modern systems ranging from 40-year old mainframes to on-premises storage and the cloud.  

A Forrester survey commissioned by ASG Technologies found that one of the key challenges identified by the enterprise architecture and operations professionals surveyed,is dealing with their firms’ legacy storage or disconnected content management systems. Twenty-five percent said their ability to move content to the cloud is hampered by their existing infrastructure. Typically enterprises are adding to their technical base or technologies supported, rather than replacing them.

Clearly, businesses need to identify and deploy solutions that span traditional & new technologies, enabling them to seamlessly access their data, track its lineage across data warehouses and through transformations while maintaining the necessary information to support governance of personal data in order to demonstrate GDPR compliance.

The costs of understanding and utilizing the mass volumes of data in this complex environment are significant, but the cost of not leveraging accurate data for decision making, failing a compliance audit, or a experiencing a security breach are much more expensive,not only from the cost and lost opportunity but equally importantly from the impact on enterprise reputation.

The bonus for enterprises that address their compliance issues through the deployment of a dedicated tool-agnostic data management solution is their ability to support citizen data scientists with a deep view into the enterprise’s most valuable data. Accurate representations of the data estate will support making critical business decisions faster, providing business agility that will drive immediate results and helping to build new offerings for customers.

Enterprises that identify the data that matters, and then apply the right technology to understand how it was collected, how it is used, determine its quality and the value it provides will be able to respond to immediate opportunities, compliance requests and direct strategic initiatives and will be the winners in the digital life that beckons us.    

Article by Praveen Kumar, ASG Technologies general manager, Asia Pacific.

Link image
Data is an organisation's most significant asset - here's how to protect it
Data resilience strategies are becoming more crucial as more value is ascribed to a company's data. If it's not stored securely and cost-effectively, expect problems.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
ConnectWise launches bug bounty program to bolster cybersecurity strategy
“Crowdsourcing in this way represents a solid additional layer of security, and we clearly value the community's expertise and participation in helping us keep our products secure."More
Story image
Understanding data is the first step in public sector cloud adoption
Before any cloud migration, it is essential to know exactly what data the organisation already has and where it’s located.More
Download image
Network functions virtualisation: What is is, how to use it, and why it matters
Network functions virtualisation (NFV) is fast becoming the go-to method of simplifying corporate networks from planning, through deployment and management.More
Story image
The guide to digital security in unstable times
An increase in vulnerability across different sectors has meant that 2020 has seen more than its fair share of cybersecurity incidents. One of the most effective ways to combat the perils of today’s cyber-threats is to gain a better knowledge of the threat vectors looming over the heads of organisations. More