GDPR poses data safeguarding problems for SMEs

The General Data Protection Regulation (GDPR) comes into force on May 25th 2018, and research indicates that significant numbers of SMEs are still unprepared for this data protection legislation. Fines for non-compliance with GDPR could be as high as 4% of global turnover or approximately £18m, whichever is greater, so preparedness is a critical area of concern.

A survey conducted by the Zurich SME Risk Index suggests that 85% of SMEs will be affected by GDPR, and up to 44% of these firms are unaware of all their regulatory obligations. The safeguarding of personal data is one important aspect of GDPR that can be addressed by opting for cloud solutions to solve issues with data processing.

GDPR safeguarding of data requirements

Cloud solution providers have spent a long time preparing for GDPR and are fully aware of the legislative requirements for data processors. So, while your company remains the data controller, moving your processing responsibilities to managed cloud providers makes good sense.

Personal data breaches are viewed extremely seriously by GDPR regulators and these include breaches of security which lead to the loss, accidental destruction, alteration, and unauthorised access to personal information which is being stored, transmitted or processed. GDPR data protection is provided to all residents of the EU and is applied universally to any businesses which store or process this

personal data. All businesses must adopt stringent security measures whenever handling personal data. Organisations which manage their own IT infrastructure and data handling will be 100% liable for any data breaches once the GDPR is implemented.

Moving all your business data to the cloud can help resolve data safeguarding issues which arise as a result of GDPR. For example, the theft or loss of a laptop or mobile device will be classed as a data breach under GDPR. Official notification will need to be made and fines may be issued if the device held personally identifiable information. Use of a hosted desktop service could alleviate the need for official notification under GDPR legislation, as it is unlikely that personal data was stored on the device. All personal client data is stored in secure data centres, offering access only to business mobiles and laptops.

Further advantages of moving to hosted desktop solutions include:

- Improved cybersecurity is offered by cloud providers. Regular tests and updates make security a core

element of cloud services, reducing risks of ransomware attacks and phishing emails.

- Regular renewal of software. Business IT resources are finite and important software updates are often missed. The subsequent reductions in levels of security can create windows of opportunity for cyber-attacks. Cloud services ensure that available software is up-to-date and all available features are provided.

- Cloud services provide regular backups for business clients, so data can be recovered easily in the event of disasters. They also offer off-site storage facilities and disaster recovery plans to ensure complete business continuity in worst case scenarios.

Smaller organisations can alleviate the risk and stress of adapting to new GDPR issues with one call. HTL Support can provide SME’s with solutions for safeguarding data, including managed including managed IT services.

Get in touch with us for more details.