Majority of businesses still at risk of GDPR non-compliance
More than a third of businesses would struggle to find customer data if regulators asked where it resides
Businesses are still failing to prepare for the introduction of the General Data Protection Regulationin 2018, with only 38% of companies having any sort of plan that will protect their position when it comes into force, according toa report by Compuware.
However, two thirds of businesses said they are well-briefed on the GDPR and the impact it's likely to have on their business, which is an increase of 55% compared to the same point last year.
Compuware's report uncovered that US businesses are much better prepared than UK firms. 60% of companies over the pond have a detailed plan in place for dealing with the European customers' data, while only 19% of UK-based organisations described their preparation as 'detailed.'
"Businesses are clearly heading in the right direction on GDPR compliance, but there is still a long way to go in a very short timeframe," said Dr Elizabeth Maxwell, PDP, Technical Director, EMEA, Compuware.
"UK businesses may be behind due to initial uncertainty over the impact of Brexit," she added. "But any organisation doing business in Europe will need to fall into line by the May 2018 deadline. Failure to comply could lead to devastating consequences should a data breach occur, something all too common given the growth of cybercrime and insider threats."
The biggest barriers to companies developing a clear plan of action were data complexity and understanding what the regulations mean. Three quarters of businesses said the complexity of modern IT is making it too confusing to know where their customer data is. Only half said they know where all their customer data lives within their network and more than a third said they'd struggle to find the data if regulators asked for it.
"It will be impossible to comply with the GDPR's Right to be Forgotten if organisations can't find customer data," continued Maxwell.
"Due to its security and scalability, most large organisations store most of their customer data on the mainframe," she said. "This data usually resides in a complex rabbit warren of databases spanning multiple systems, and organisations use manual, time-consuming methods to find and extract it. Businesses need an automated way to map and visualise data relationships, so they can quickly find the specific and relevant data and delete it, without needing specialist skills."
The IT Pro guide to Windows 10 migration
Everything you need to know for a successful transitionDownload now
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Software-defined storage for dummies
Control storage costs, eliminate storage bottlenecks and solve storage management challengesDownload now
6 best practices for escaping ransomware
A complete guide to tackling ransomware attacksDownload now