All business is global. It doesn't matter whether you sell homemade jewelry on eBay or billion-dollar aircraft to an international airline: if your enterprise uses the internet, it is a global business. And as a global business, it is subject to a plethora of international laws and regulations regarding the safekeeping of all data it collects on its customers.
Keeping up to date on data protection and management regulations can be difficult even for the largest and most sophisticated organizations, but there are some steps enterprises can take to mitigate the risks. Microsoft, for example, offers a helpful set of tools that will assess your enterprise's readiness to comply with the provisions of the General Data Protection Regulation (GDPR) as promulgated by the European Union. The law goes into effect soon and the general consensus is that many enterprises are simply not ready for it.
General Data Protection Regulation
While it may be tempting to blow off the GDPR as some bureaucratic nonsense that doesn't apply to your business enterprise, that would be a mistake—and a potentially costly one at that. The GDPR that will go into effect in May 2018 is specifically worded to apply to any company interacting with residents of the EU regardless of the company's location.
In other words, if you collect personal data on a single customer from any EU country, the GDPR applies. Ignore this fact at your own risk.
As a major purveyor of productivity software, Microsoft understands that much of the compliance activity surrounding the GDPR, and other laws like it, will involve its products. Windows 10, Azure, and Office 365 are all part of the systems that will be required to maintain and secure data under the new law. So to help its customers assess their compliance with the GDPR, the Microsoft Trust Center offers the free GDPR benchmark assessment tool.
The tool is an interactive questionnaire that will generate a downloadable report showing the organization's readiness to comply with the GDPR's provisions. The report is likely to reveal several weaknesses in your current systems with regard to the GDPR. And with less than a year to go before these regulations take effect, it would be wise to take the report results seriously.
For enterprises seeking some professional help with GDPR compliance, Microsoft also offers resources through the Partner Network in the form of a detailed GDPR readiness assessment tool. Partners in this program offer an in-depth analysis of the organization's readiness and then provide actionable guidance on how to prepare for compliance.
With the internet and cloud computing playing such an integral part in information technology infrastructure, business has become a global operation. Collecting data on customers creates an obligation to keep that data safe—an obligation that is often codified by laws and regulations. Noncompliance with these laws is not really an acceptable option, and in fact, it could prove extremely costly.
Microsoft, with its products so predominant in the business world, feels a certain commitment to help its customers comply with laws like the GDPR. Azure and other cloud-based services and products can be made to comply with the GDPR at the server level by Microsoft itself, but compliance at the enterprise level falls to the individual organizations.
Services like the free GDPR benchmark assessment tool can show you just where you stand with regard to compliance. With less than a year to go before the GDPR goes into effect, you want to take the time to determine where you stand with this new law now, before it is too late.
Mark W. Kaelin has been writing and editing stories about the IT industry, gadgets, finance, accounting, and tech-life for more than 25 years. Most recently, he has been a regular contributor to BreakingModern.com, aNewDomain.net, and TechRepublic.