EDITOR’S QUESTION
multiple ‘secure communities’ to share
the same network without other groups
being able to access – or even see – their
workstations and servers.
In reality, GDPR was a huge task that
took an uncountable amount of man
hours to ensure compliance. The critical
challenge was to recruit or work with the
right teams and trusted partners as well
as source advice from industry bodies and
government to provide security capabilities,
training, processes and strategy to match
the new requirements.
G
DPR introduced strong enforcement
of compliance requirements,
stressing the importance of creating
trust that allows the digital economy to
grow inside the European Community.
The objective was to bring consistency to
the current data protection laws across EU
member states and guide how organisations
should store customer data and how they
must respond in the event of a data breach.
From a consumer perspective, GDPR has
proven a positive experience as the average
customer has seen a drastic reduction of
unsolicited email, mail or phone calls. In our
experience, organisations that effectively
planned their compliance strategy and
reviewed their personal data processing
capabilities have been able to use GDPR
as an opportunity to streamline the value
chain and identify new ways to provide
customers with value-added services. For
34
INTELLIGENTCIO
these organisations, GDPR has helped get
their data processing in order and improve
trust in their business.
However, have businesses implemented
additional security controls to address the
risk presented by personal data processing,
such as accidental or unlawful destruction,
loss, alteration and unauthorised disclosure?
One year on, we have seen an increase in the
number of organisations requiring ad-hoc
security expertise to carry out specific data
protection impact assessment to evaluate
the origin, nature and severity of the risks
related to the processing of personal data.
Moreover, GDPR is driving a new approach
to security inside the data centre network
and cloud environments, called Zero Trust.
Effective Zero Trust implementation for
GDPR adopts software-defined security
solutions that use encryption to enable
Where organisations were able to choose
the right partner and the proper security
controls, GDPR has been a positive
opportunity and has increased profitability
by reducing overlapping and redundant
processes. However, many organisations,
especially small to medium business, are
still transforming or assessing the way they
handle personal data. For them, the journey
has just started but the clock is ticking to
close these gaps.
“
GDPR IS DRIVING
A NEW APPROACH
TO SECURITY
INSIDE THE DATA
CENTRE NETWORK
AND CLOUD
ENVIRONMENTS.
www.intelligentcio.com