<img height="1" width="1" src="https://www.facebook.com/tr?id=1046809342117480&amp;ev=PageView &amp;noscript=1">

VSEC Blog: IT Security Channel News brought to you by Infinigate UK

Share the Infinigate UK Blog on LinkedIn Share the Infinigate UK Blog on Twitter Share the Infinigate UK Blog on Facebook Share the Infinigate UK Blog on Google+ Share the Infinigate UK Blog via Email

7 GDPR Opportunities for the IT Security Channel

Posted: 18 October 2017

7 GDPR Opportunities for IT Security Channel Resellers

As far as titles go, this one will likely prove divisive. On one hand, there are a plethora of IT security solution and service providers who are keen and hungry for the opportunity to work with customers on their preparations for the GDPR. On the other, doubt is sowed by those who question the ability of anyone who claims to know anything about the GDPR, simply because there is nobody with experience in application of a regulation which yet to come into force.

A Hesitant IT Security Channel

The result is mass of unpreparedness amongst organisations and a hesitant IT security channel, reduced to reliance on shifting the risk to solution vendors who attempt to fit their solution into some form of GDPR message. The round hole and square peg analogy comes to mind. Ever since the release of the GDPR’s final draft, I have been a vocal advocate for the opportunities to offer services as opposed to solutions. Dependant on the current position of an organisation and the methods upon which they conduct their businesses, the GDPR could require extensive changes. Something which considering the constant reminders of the global shortage of IT security skills, they may be unequipped to deal with themselves.

Yet, we find ourselves in a scenario where by we have organisations that need help and IT security service providers, sometimes with decades of experience, who have been led to believe that only lawyers can help.

7 GDPR Services

Paradoxically, much of the preparation for the GDPR requires services which many IT security service providers already offer, albeit in slightly different attire. Below is a list of seven such examples:

1. Data Mapping and Discovery Services – Often cited as the first step in any organisations GDPR journey is the need to map all flows of personal information around your network, to external parties and into storage locations.

2. Risk Assessments – For an act of data processing, risk assessments will need to be conducted should the where processing risks the rights and freedoms of data subjects.

3. Solution Recommendation – Where risk assessments reveal gaps, there is an opportunity to recommend and ultimately supply a solution.

4. Incident Response Planning – Protective controls are must but there needs to be plan when the inevitable breach does take place. How to respond, how quickly and armed with what items of information.

5. DPO Services – For small and medium sized organisations who are obliged to appoint a DPO, the use of a DPO service may be more attractive than hiring for the role

6. Training Services – Already incredibly popular, the desire to learn about the GDPR is enormous. Training can range from introduction courses, to in-depth sessions on particular articles.

7. On-going Consultancy – The GDPR will not stop come May 2018, in fact its attention is likely to intensify. Organisations will need continued support to ensure future changes to their businesses are compliant.

There’s Nothing New Under the Sun

Of the seven services listed, nothing can be considered truly radical. Most service providers will recognise services in this list which they currently offer, just without the GDPR pin-badge attached. This familiarity demonstrates why the GDPR is not something which must only remain in the realm of lawyers, after all it is an aspect of information security, something the IT security channel has been working with for decades.

Ultimately, organisations need help in their preparations for the GDPR and who best to assist but those who have helped them with all aspects of IT security, time and time again in the past?

7 GDPR Services VAR's can offer their customers

Chris Payne Senior Technical Consultant, Infinigate UK
Posted by: Chris Payne
Senior Technical Consultant, Infinigate UK

 

Share via:

    

Subscribe to VSEC Blog Updates

Terms and Conditions:
  • When completing this form, you are indicating your consent for this processing activity. By doing this you are providing Infinigate UK with lawful consent to process your submitted personal data for one or both of the marketing purposes below:
    • We will use your details to send you blog updates.
    • We will match your answers to areas of interest which believe you have and may send you additional marketing materials related to those areas.
  • We will keep your personal data for nine months, upon which we will delete your personal data unless you have consented to further processing or we have legitimate interests to retain it. You are free to withdraw your consent at any time by contacting our marketing department or using one of our unsubscribe links in our communications.
  • In some cases where you indicate consent for supplying you with additional promotional marketing material, we will share your personal data with one of our reseller partners, should your areas of interest match a solution or service they provide. We instruct all our reseller partners to communicate this data transfer with data subject affected.
  • Your personal data is stored in a marketing automation solution database, access to this is limited to authorised users and all necessary steps to ensure data security is maintained.

For further information about this form, your rights under the General Data Protection Regulation or how to exercise them, please contact Infinigate's marketing department here.

Popular Posts