Apcela

Why Enterprises Need Communication Hubs for Today’s WAN

Enterprise Communication Hubs As early as 2014, Gartner analysts were touting the benefits of communication hubs as a means to improve WAN performance. In a blog post by analysts Andrew Lerner, and a related research note by he and Sorell Slaymaker the recommendation was that
Impact of AI and 5G on the Possibilities of Data

Impact of AI and 5G on the Possibilities of Data

Impact of AI and 5G This blog post was made in collaboration with Intel. A smarter world is now a possibility that is starting to sound real. Data sits at the center of this change, and data can be referred to as the oil that

Data Protection Officers

The General Data Protection Regulation (GDPR) is officially here. Yet, organizations are still unaware, are ignoring, or flat out didn’t build in enough time to make sure they met all mandates of this expansive and impactful regulation. One of the lesser well-known requirements is the emergence of a totally new role: The Data Protection Officer (DPO). Organizations are required to (in some capacity) have a DPO on board, but this can be easier said than done.

The right stuff: what to look for in a DPO

Data Protection Officer

The Data Protection Officer (DPO) is sure to be the hot new role for companies operating in the European Union (EU). This individual will be responsible for ensuring anonymity and maintaining the personal information (PI) collected by the company during routine marketing and business practices. The DPO will build and implement procedures for collecting, processing, and storing personal information within the GDPR compliance framework.

The responsibilities of the DPO may appear to be relatively straightforward, but that’s far from the case. The new position is an intricate one and requires dual knowledge of cybersecurity and legalities. That said, individuals that possess this unique skillset are going to be in high demand. So much so that the International Association of Privacy Professionals predicted there are 75,000 new GDPR vacancies around the world. The DPO must also keep up to speed with amendments to the regulation, especially within the first 6 months of its enforcement. This level of expertise will no doubt come with a high price tag, which could present challenges for midsize organizations with limited wiggle room in their budgets.

Keeping the neighborhood safe

Due to the high cost of such advanced expertise, many experts are predicting that we’ll see a rise in compliance-as-a-service models in which a DPO would instruct the IT teams of several companies. This could be a cost-effective solution for many organizations who don’t have the available budget or resources to bring on an in-house DPO. However, each company will still be responsible for its data, so they must approach this outsourced model carefully. It will also be important for enterprises to seek advice from their data protection providers, as they can advise on which technology can help maintain compliance continuously.

So, how should an organization work with both their DPO and data protection provider to make sure they remain in regulators’ good graces? IT leaders should seek guidance on:

  • Phasing out old IT architecture: Legacy systems are often oriented around individual data management, so they lack the necessary features to provide a GDPR solution. Finding and removing these systems will be very important.
  • Where to spend money on new tools: Currently, there isn’t one tool, solution, or service that can protect and maintain compliance for every single aspect of GDPR. That said, companies need to make sure they’re investing in an effective suite of tools that enable improved data governance.
  • Defining personal data: In the GDPR, the phrase “personal data” is loosely defined. It can include everything from emails and email addresses, to information gathered during routine marketing and business activities. Setting an organizational guidance on what classifies personal information will be key.
  • The importance of email archiving: More than 60 billion emails are generated each day, so the potential for a compliance violation is massive because of the amount of personal information exchanged in emails. If there is a subject access request (SAR), the systems administrator must be able to identify and remove emails if a user withdraws their consent. Establishing set processes for producing and maintaining activity logs will also be important, especially in the event of an audit.
  • Keeping tabs on data: When companies store data of EU citizens, it needs to be held in the EU unless the user has provided consent for it be stored elsewhere. Unless a company has a system in place for acquiring this consent, it’s not likely a user has allowed them to store their information in another part of the world. This will be tricky for organizations with storage centers in different continents, so it’s going to be very important to establish a process for understanding where user data is stored.

There are many aspects of GDPR that are subject to interpretation, so organizations need to listen to and implement the advice from both their DPO and their data protection providers. Working with both is the best way to assure continuous compliance, even as amendments are made to the regulation and the technology landscape continues to change.

By Oussama El-Hilali, VP of products at Arcserve

Oussama El-Hilali

Oussama has nearly 25 years of IT and R&D experience driving and achieving product strategy and roadmaps, acquisition of new technology, and developing strategic business partnerships in both Fortune 100 and emerging companies. At Arcserve, he is responsible for managing product development.

View Website

BRANDED COMICS FOR YOUR NEXT CAMPAIGN

Get in touch with us regarding our introductory rates!

Aruna Cisco

2019 Predictions for Innovating, Transforming and Enabling Workplace Transformation

My Predictions for 2019 As we think of the top Collaboration trends for the coming year, we should start by ...
App Direct CEO

Still Thinking Like a Product? Start Thinking Like a Platform

Start Thinking Like a Platform Every so often, a technology buzzword comes along that lives up to the hype. "Platform" ...
Determining the Economic Value of Data

Determining the Economic Value of Data

[Note: I have been trying to write this blog for several years.  But instead of trying to perfect the concept, perhaps ...
Sam DevSecOps

Why DevOps is Quickly Becoming DevSecOps

DevSecOps Industry Trends Trends move quickly in the information technology industry, but one that seems poised to stick around for ...
GDPR Compliance

A Quick and Dirty Guide to GDPR Compliance

GDPR Compliance Set a reminder: On May 25, 2018, the new General Data Protection Regulation directive from the European Union ...

Simple, Scalable, Containerized Deep Learning using Nauta

/
Deep learning is hard. Between organizing, cleaning and labeling data, selecting the right neural network topology, picking the right hyperparameters, and then waiting – hoping – that the model produced is ...

Media Alert: Intel at COMPUTEX 2019 (Updated)

/
Join Intel at COMPUTEX 2019 to discover how the company is transforming intelligent computing for our data-centric world to expand human potential. Intel is delivering technology leadership, working closely with ...

Dell Technologies and Cisco Reaffirm Joint Commitment to Converged Infrastructure with Multi-Year Agreement

/
There’s industry chatter about what the growing adoption of hyperconverged infrastructure (HCI) might mean for the converged infrastructure (CI) space. As a company that retains its top spot in IDC’s Certified ...