New data protection laws in the European Union are looming. Most notable of them all is the General Data Protection Regulation (GDPR). Ipswitch commissioned a survey of 300 European IT pros* to see how preparations are going. The GDPR survey results showed that overall, businesses are really feeling the financial burden of preparing for the new regulation. Over two thirds said they’d need to invest in new technologies or services to help prepare their business for the impact of GDPR. Ouch!
Key Survey Findings
- Almost one fifth of businesses still have no idea whether changes in the regulations will apply to them. Despite confirming they do store and process personal data
- 69% say their business will need to invest in new technologies or services to help prepare the business for the impact of GDPR including:
- 62%: encryption
- 61%: analytic and reporting
- 53%: perimeter security
- 42%: file sharing
- Two thirds say that keeping up to date with changing data protection regulatory requirements is a burden on their business
- Just over half report that their business has already allocated training budget to help staff understand and comply with GDPR, however, just under a third have not
While over two thirds (69%) of IT pros acknowledge that GDPR will impact their business, almost one fifth (18%) still have no idea whether changes in the regulation will apply to them. This is despite confirming that they do store and process personal data.
The GDPR draft has been passed by EU Parliament and is due to come into effect by the end of this year. It is expected to impact any organization which collects, stores, processes and shares personal data on employees, customers or partners. The regulation is designed to unify and simplify data protection across 28 EU countries. It includes severe penalties for non-compliance of up to two percent of a company’s annual revenues.
The Ipswitch survey findings demonstrate very clearly that IT pros are realiing not only will they need to review policy and process, but a financial, training and resource investment will also be needed. It is a time intensive and costly process. However, it is also an essential one to avoid being penalized with fines.
It’s encouraging to see that there is far greater awareness of the changes when compared to late 2014. A GDPR compliance survey conducted by Ipswitch in November 2014 revealed that more than half (56%) of respondents could not accurately identify what ‘GDPR’ meant.
IT pros recognize the need to align data protection regulation to keep up with modern data sharing practices and the globalization of data. It is clear that compliance comes at a price for most. Many are trying to prepare by organizing training and assigning resources. There’s clearly a very large expectation of a need to invest in technologies including managed file transfer systems like Ipswitch MOVEit™ that meet stringent security and compliance requirements.
The Ipswitch MOVEit managed file transfer system helps IT teams support GDPR requirements in the following ways
Protecting Personally Identifiable Information (PII)
- Support for secure open standard transfer protocols
- End-to-end encryption, guaranteed delivery and non-repudiation
- Automated file management policiesManaging PII
- Automated file exchange
- Managed ad hoc exchange
- Policy based file access and data loss protection (DLP)
Managing System Exposure
- High availability and disaster recovery
- Monitoring and reporting for auditing and forensics
- Trading partner provisioning and management
* The 2015 GDPR Ipswitch survey was conducted by technology research firm Vanson Bourne during July 2015 and polled 300 IT professionals. Survey responses include 100 responses from the UK, 100 responses from France, and 100 responses from Germany.
>> Engage with us next month during the Ipswitch Innovate 2015 User Summit, a two-day (October 21-22) online event for IT pros to learn from each other and our product experts.