There’s lots to love about GDPR

There’s lots to love about GDPR

What We’ve Been Reading And Writing This Month

GDPR – why it is a good thing for business
Plus – useful articles for tracking your GDPR progress
Manageable Data in Moments - The Upside of GDPR
Manageable Data in Moments – The Upside of GDPR
Over the past six months your LinkedIn feed will have told you that GDPR is coming and that you and your compliance, audit and IT teams have a myriad of actions to meet the forthcoming Regulation. But where’s the upside?
Why GDPR is the kick up the backside your marketing needs
GDPR hits home on 25th May 2018. Lawyers and consultancies are having a field day. Many of their internal counterparts are hyperventilating over the prospect but GDPR can only be a good thing…
Gaining competitive advantages from the GDPR
Gaining competitive advantages from the GDPR
Quite a few articles have already been written about the European Union’s new privacy legislation – the General Data Protection Regulation or GDPR, as it’s known to its friends (although if…
How to turn EU GDPR compliance chores into benefits
When the EU General Data Protection Regulation was announced last year, many business owners immediately panicked at the prospect of eye-watering fines and onerous obligations. But with…
Get our free GDPR report
The European Union’s General Data Protection Regulation is designed to protect individuals’ personal data and facilitate the exchange of information for businesses that operate in the EU….
GDPR: Where do I start? - GDPR.Report
The Exonar guide and simple framework to get started on your GDPR journey
Whose customer is it anyway?
Whose customer is it anyway?
In an environment where multiple members of the executive team are being compensated on customer metrics, who actually owns the relationship?
The totally unrelated section: Retro tech making a comeback
The totally unrelated section: Retro tech making a comeback
Reminiscing over the tech you loved is one thing but is old tech best left to a rose-tinted memory…not for everyone, here are the top 12 retro tech comebacks.

Whose Customer is it Anyway?

Once upon a time customers belonged to Customer Services but things are changing around the board table – Coca Cola recently replaced their Chief Marketing Officer (CMO) with a Chief Growth Officer (CGO) and over the past few years we’ve witnessed a trend of companies substituting the role of Chief Information Officer (CIO) for that of a Chief Customer Officer (CCO).

These changes suggest that it’s no longer enough to have roles focusing solely on managing internal tools or processes – organisations want to make sure that the customer is placed firmly at the heart of the business and in such a way that outcomes relating to customer interactions can be meaningfully measured on a daily basis (not once a year via a satisfaction survey).

So, in an environment where multiple members of the executive team are being compensated on customer metrics, who actually owns the relationship?

Mine, mine, mine!

When it comes to deciding who owns the customer relationship, you could end up with this argument around the table:

The Chief Operating Officer (COO) will tell you that her teams face into the customer and are therefore the guardians of the customer relationship.

The CMO will tell you that by making sure he owns all customer communications, you’ll have access to richer customer analytics and data that will increase customer revenue and satisfaction via improved marketing effectiveness.

The CCO will remind you that she is responsible for growing customer revenue and therefore ultimately owns customers as a segment.

Customer Ownership vs Compliance Responsibility

One thing that not everyone will put their hand up for is the responsibility of customer data compliancy.  It’s entirely possible that in this instance everyone will point at the CIO (assuming that his title hasn’t changed) because he owns the infrastructure where all the data is held and manages the rules around security.  With every member of the business potentially putting customer data into the infrastructure, he’s unlikely to agree that the responsibility is solely his.  And it’s not just a job for the Legal team either.

A Single Data Set = Joint Ownership

Whilst there may be argument on ownership of relationship vs responsibility for compliance, the one area where you will find agreement is the nirvana of a Single Customer View and the General Data Protection Regulation (GDPR) could be your way to move towards it.

A Beneficial Piece of Legislation

We believe the GDPR could be the trigger for organisations to realise incredible business benefits because at it’s heart is the need for robust data management.  Using Big Data and Machine Learning principals to deliver data management and intelligent classification, it’s now possible for an organisation to take control of it’s data assets in a fraction of the time of traditional consulting methods.  This approach enables organisations to create one, secure, trusted dataset with policies enforced on a low-touch / automated basis giving you real-time:

  • Customer insights
  • Control over data usage
  • Opportunities to deliver a great customer experience
  • Ability to make decisions that increase profitability.

Ownership for All

By using GDPR as a means to kick-start a process of complete data management that is designed to drive the business forward, it gives organisations not only the impetus to address forthcoming legislation in a positive manner, but also the opportunity for the entire Board to compete for the crown of being the most customer-centred person in the business – and with access to the right data to prove it.

This is just a snapshot of how we believe taking a proactive data-centric approach to GDPR could benefit your business.  To find out how you could use GDPR to place the customer at the heart of your business, either download our whitepaper here: http://bit.ly/ExonarGDPR  or drop us a line at tellmemore@exonar.com.

GDPR:Where do I start?

GDPR: Where do I start

The new European General Data Protection Regulation (GDPR) regulations mean that any organisation, big or small, will need to comply with new rules regarding the collection, storage and usage of personal information regarding EU citizens.

But reports have suggested that many IT security professionals are either not preparing or are unaware of any changes that need to be made to their business processes in order to ensure compliance.

This article answers the questions on where to start and gives a simple framework for getting started.

Infosec and the new CIO

Infosec and the new CIO: Getting a handle on what’s going on at your new workplace

According to a recent survey, improving security is the number one priority for executive teams with 57% of CIOs agreeing that their executive teams consider it a priority. So when starting a new role, how should a CIO approach cybersecurity? Read the full article, including the thoughts of Exonar’s CEO here.

Manageable Data in Moments

Over the past six months your LinkedIn feed will have told you that GDPR is coming and that you and your compliance, audit and IT teams have a myriad of actions to meet the forthcoming Regulation.  But where’s the upside?

Rather than focus on fear, uncertainty and doubt, we like to emphasise advantages.  At the heart of successful GDPR compliance is data management, and data management brings with it some tangible opportunities for your business – from getting your data in peak condition to delivering an even greater customer experience.

Data Portability

Under GDPR, individuals have the right to Data Portability.  This means that you must provide individuals with the ability to obtain and reuse the data you hold on them across different services (for example, allowing individuals to securely port data to cost comparison sites).

Using Big Data and Machine Learning data management capabilities, you’ll be able to discover and segment your data assets easily, setting your business up to provide individuals with the ability to leverage the data you hold for their personal benefit – and providing you with extra customer loyalty points in the process.

The Right to be Forgotten

If an individual really wants nothing to do with your organisation any more, then under GDPR they have the right to be forgotten.  So, if an individual asks you to ‘forget’ them, you are obliged to delete any personal data relating to them where there is no legal reason for its continued processing.  This can extend to the sharing of this data with third parties.

Putting in place a process that will enable you to rapidly pinpoint the relevant data and remove it means that rather than dreading requests, they become the trigger for a swift operation that can be carried out with confidence.

With an automated approach, this activity removes the traditionally tedious manual exercise and becomes low-impact to the business delivering a straightforward process to the individual.  It also provides you with the added benefit of removing data that is no longer useful.

Data Security

Data breaches create havoc for individuals and organisations and generate headlines that can lead to enormous reputational damage.  A key benefit to undertaking a thorough data discovery and management exercise in preparation for GDPR is the additional security this will bring to your organisation:

  1. Data discovery will help you to find unstructured (or ‘hidden’) data. It is not unusual to find up to 10GB of unstructured data per employee.  Removing this creates TB of space in your infrastructure and allows you to actively address security risks.
  2. Intelligent classification will enable you to make sure all sensitive or confidential data is appropriately segmented and subject to correct security procedures.
  3. Data management processes powered by Machine Learning and Big Data principles will allow you to automate tasks that could historically be open to human error.

By taking a proactive approach to security, you’ll be able to find and address weaknesses early giving you a story that will increase customer confidence.

Freedom of Information / Subject Access Requests

Whether a public authority with an obligation to respond to Freedom of Information requests, or a private sector company with obligations under GDPR, the ability to rapidly and consistently handle requests for information from individuals is crucial for compliance.

Addressing this with manual methods is time consuming and costly.  By implementing data discovery, intelligent classification and data management protocols using software, this task becomes near-automated and does not disrupt day-to-day business.

Data Inventory

One of the ways in which many organisations are benefitting from an early approach to GDPR compliance via data management is their ability to create a detailed data inventory.  We liken it to the rigour that organisations apply to managing their finances.  By establishing a baseline of your data assets, classifying them appropriately, discarding duplicated data, then setting processes in place for ongoing management, you have a data set that is accurate on a near real-time basis.  This delivers a raft of data-centric business benefits:

  • Insight into a single view of the customer
  • Insights into customer / supplier behaviour
  • Accurate reporting
  • Insights into opportunities to streamline / automate processes

This is just a summary of how we believe taking a proactive data-centric approach to GDPR could benefit your business.  To find out how you could achieve manageable data in moments, either download our whitepaper here: http://bit.ly/ExonarGDPR  or drop us a line at tellmemore@exonar.com

Getting to Grips with GDPR

Getting to Grips with GDPR

What We’ve Been Reading And Writing This Month

GDPR – companies are ramping up their GDPR budgets
Plus – If you are visiting Infosec, check out our tips for the hot topics
It all starts with Data Discovery
It all starts with Data Discovery
This articles aim is to filter the GDPR noise down to a considered conversation that focuses on what’s important to your business and how you can take the appropriate steps to deliver a positive GDPR outcome.
Pulse Survey: US Companies ramping up GDPR budgets
Pulse Survey: US Companies ramping up GDPR budgets
A recent PwC pulse survey asked C-suite executives from large American multinationals about the state of their plans for Europe’s landmark General Data Protection Regulation (GDPR).
Our Tips for the Hot Topics at Infosec 2017
Our Tips for the Hot Topics at Infosec 2017
We’re exhibiting at Infosec this week and these are the hot topics we are looking forward to hearing about. If you are there, come along and see us on stand S07.
The DPO role: A quick survey
A recent survey by the IAPP asks what are the essential job skills and the appropriate professions of Data Protection Officers under the GDPR.
Get our free GDPR report
Get a free GDPR report
Want to know what your peers are planning for GDPR? Fill out this short survey and we will send you a free GDPR report.
Where Do I Start with General Data Protection Regulation?
This article gives insight into what you need to know about the regulation before you start and provides a simple framework for approaching GDPR.
GDPR Awareness Coalition
GDPR Awareness Coalition
The GDPR Awareness Coalition is a great place to start your GDPR journey, there’s lots of tips, recommendations and shareable infographics to help get that stakeholder buy in.
The utterly unrelated section.15 forgotten tech sounds you just don`t hear any more

The utterly unrelated section.

15 forgotten tech sounds you just don’t hear any more
Wallow in the beeps and buzzes of yesteryear, with these extinct sounds of tech

It all starts with Data Discovery

The noise around GDPR is increasing as organisations including Microsoft and Google set out their plans for complying with legislation.  Our aim is to filter that noise down to a considered conversation that focuses on what’s important to your business and how you can take the appropriate steps to deliver a positive GDPR outcome.  The following extract from our whitepaper illustrates how starting with what you know is the first step in the process.

Starting with What You Know

Most organisations have distinct functional areas with distinct processes and tools for holding data on individuals.  A simple table such as the one below provides an overview of the most common business functions, and the types of data they hold.

Once this initial dataset is understood, it becomes important to identify what is personal data and what is not.  This is further broken down into data that could be used to identify an individual, and information that would be classified as sensitive.

With GDPR, these definitions of data have been broadened to reflect the ways in which many organisations now retrieve and store information.

This broadening may result in additional compliance obligations for organisations.  The below provides an illustration of how this change will play out.

 

 

A Process of Data Discovery

Of course, starting with what you know only works if you know what data you have.  What GDPR forces business leaders to consider is where every single piece of personal data is across their IT estate – including the Cloud.  Taken in this context, the question of the data that an organisation holds on individuals becomes a complex one to answer, and one that is going to require time, resource and budget.

A thorough approach to data discovery, properly implemented, will lead you to data that you did not know about – offering not only a great start to GDPR compliance but also the opportunity to uncover and resolve data that is ‘hiding’ throughout your network, including company sensitive information, personally identifiable data and duplicated information.

To find out more about our approach to GDPR and how we can help your business use the legislation as an opportunity for business growth through great data management – download our whitepaper here: http://bit.ly/ExonarGDPR or get in touch at tellmemore@exonar.com

 

Our Tips for the Hot Topics at Infosec 2017

Infosec Europe 2017 – Our Tip for the Hot Topics

In the run up to Infosec 2017, the key to making your visit successful is preparation.  Keynotes fill up fast and with over 18,000 attendees and 195 sessions you could spend half your time trekking across Olympia if you don’t carefully plot your course.

Part of our preparation at Exonar has been considering the topics that we think will be the most talked-about so when some of our team are not manning our stand in the Cyber Innovation Zone, we’ll be making sure we get to the best sessions first.

Ransomware

We’re looking forward to hearing a range of viewpoints on what the way forward is since the initial furore has died down (and in anticipation that there won’t be another attack before the event).  We expect interesting discussions around public / private sector partnership in ways that combine the moral and the commercial.

IOT

There will no doubt be increased focus on the inherent risk present in the increasing number of connected devices – especially given the recent launch of Google Home.  Research from Statista suggests there will be 31 billion connected devices by 2020 which makes the potential impact of a wide-ranging DDOS one that is impossible to ignore.

General Data Protection Regulation (GDPR)

We see GDPR as having the potential to deliver enormous benefits to organisations when it comes to data security.  The process of data discovery and management that’s required to comply with the regulation gives organisations the opportunity to find the data that’s an asset, and remove any data that poses an unwanted risk.  Download our whitepaper to find out more.

Legal Responsibilities

Who takes the blame when there’s a breach?  Organisations providing technical services and solutions need to be clear about their liabilities, and we expect consumers in particular to start demanding greater clarity.  GDPR goes some way to help define boundaries and obligations but we also expect to see an upsurge in claim handling companies who sniff an opportunity.

Insurance

Alongside businesses ready to go to court on behalf of victims of data breaches, we expect to see cyber-security insurance products and services become a market of its own.  We’ll be listening out for the views from the anti-virus vendors on what they think could happen next.

Planning to visit Infosec and want to find out more about how a data-first approach could help your business become GDPR compliant?  Come and see us on Stand S07 in the Cyber Security Zone.  Or if you’d like to get to know us a little better first, drop us a line at tellmemore@exonar.com

 

#Infosec17

Where Do I Start With GDPR

Exonar’s CEO, Adrian Barrett, has recently written an article published by comparethecloud.net outlining the first simples steps to start on your GDPR journey. The articles gives insight into what you need to know about the regulation before you begin and then provides a simple framework for approaching GDPR.

Read the full article here

The data accountants forgot to keep safe.

AccountingWeb reports on the importance of accountancy firms securing their client’s data.  Are they seen as a weak link and vulnerable to hackers?  Adrian Barrett, Exonar CEO comments on the importance of knowing what data you have. Read the full article here.