GDPR goes into effect May 25 2018 Are You Ready?
Why Become GDPR Aware
If your initial response is that you are not in Europe and do not need to be concerned about GDPR you might want to step back and review that thought. While it is possible that some organizations may not be affected by GDPR in Europe directly, there might be indirect considerations. For example, GDPR, while focused on Europe, has ties to other initiatives in place or being planned for elsewhere in the world. Likewise unlike earlier regulatory compliance that tended to focus on specific industries such as healthcare (HIPPA and HITECH) or financial (SARBOX, Dodd/Frank among others), these new regulations can be more far-reaching.
GDPR Looking Beyond Compliance
Taking a step back, GDPR, as its name implies, is about general data protection including how information is protected, preserved, secured and served. This also includes taking safeguards to logically protect data with passwords, encryption among other techniques. Another dimension of GDPR is reporting and ability to track who has accessed what information (including when), as well as simply knowing what data you have.
What this means is that GDPR impacts users from consumers of social media such as Facebook, Instagram, Twitter, Linkedin among others, to cloud storage and related services, as well as traditional applications. In other words, GDPR is not just for finance, healthcare, it is more far-reaching making sure you know what data exists, and taking adequate steps to protect.
There is a lot more to discuss of GDPR in Europe as well as what else is being done in other parts of the world. For now being aware of initiatives such as GDPR and its broader scope impact besides traditional compliance is important. With these new initiatives, the focus expands from the compliance office or officers to the data protection office and data protection officer whose scope is to protect, preserve, secure and serve data along with associated information.
GDPR and Microsoft Environments
As part of generating awareness and help planning, I’m going to be presenting a free webinar produced by Redmond Magazine sponsored by Quest (who will also be a co-presenter) on June 22, 2017 (7AM PT). The title of the webinar is GDPR Compliance Planning for Microsoft Environments.
This webinar looks at the General Data Protection Regulation (GDPR) and its impact on Microsoft environments. Specifically, we look at how GDPR along with other future compliance directives impact Microsoft cloud, on-premises, and hybrid environments, as well as what you can do to be ready before the May 25, 2018 deadline. Join us for this discussion of what you need to know to plan and carry out a strategy to help address GDPR compliance regulations for Microsoft environments.
What you will learn during this discussion:
- Why GDPR and other regulations impact your environment
- How to assess and find compliance risks
- How to discover who has access to sensitive resources
- Importance of real-time auditing to monitor and alert on user access activity
This webinar applies to business professionals responsible for strategy, planning and policy decision-making for Microsoft environments along with associated applications. This includes security, compliance, data protection, system admins, architects and other IT professionals.
What This All Means
Now is the time to start planning, preparing for GDPR if you have not done so and need to, as well as becoming more generally aware of it and other initiatives. One of the key takeaways is that while the word compliance is involved, there is much more to GDPR than just compliance as we have seen in the part. With GDPR and other initiatives data protection becomes the focus including privacy, protect, preserve, secure, serve as well as manage, have insight, awareness along with associated reporting. Join me and Quest on June 22, 2017 7AM PT for the webinar GDPR Compliance Planning for Microsoft Environments to learn more.
Ok, nuff said, for now.
Greg Schulz – Microsoft MVP Cloud and Data Center Management, VMware vExpert (and vSAN). Author Cloud and Virtual Data Storage Networking (CRC Press), The Green and Virtual Data Center (CRC Press), Resilient Storage Networks (Elsevier) and twitter @storageio. Watch for the spring 2017 release of his new book "Software-Defined Data Infrastructure Essentials" (CRC Press).
Courteous comments are welcome for consideration. First published on https://storageioblog.com any reproduction in whole, in part, with changes to content, without source attribution under title or without permission is forbidden.
All Comments, (C) and (TM) belong to their owners/posters, Other content (C) Copyright 2006-2018 Server StorageIO(R) and UnlimitedIO. All Rights Reserved.