For months now, we‘ve heard with increasing urgency about the need to prepare for the General Data Protection Regulation (GDPR) coming out of the European Union. As of today, we’re facing a 6-month countdown to the May 25, 2018 deadline for GDPR compliance. Now is the time to jump in and help.
“Partners can play a critical role in helping commercial customers adapt to the new regulation. Customers are looking for help from partners to assess their GDPR readiness. That includes evaluating their existing technology environments. The customer lifetime value of that assessment is very promising—including managed services, change management, technology reselling and support, end user training, and deployment services.”
—Diana Pallais, Director, Microsoft 365 Partner Marketing
Preparing for the opportunity
IDC estimates this regulation represents a $3.5 billion security products and services opportunity for partners and customers working to comply with GDPR rules. A recent study shows 75 percent of US companies that consider GDPR a top priority have budgeted $1 million or more to become compliant. In Europe, that figure ranges from €100,000 to a few million, depending on an organization’s status quo according to the recent Forrester report, Assess Your Data Privacy Practices with the Forrester Privacy and GDPR Maturity Model.
Partners getting ready to help customers with GDPR are thinking about their services in four key ways.
Partners need to identify and take inventory of any personal data their organization or their customers have collected. Partners today can perform security and risk assessments, locate relevant personal data, and develop a plan to achieve and maintain compliance.
Take time to govern how personal data is used and accessed by classifying it for better accessibility. Partners can work with their customers to develop, implement, and manage compliance plans by designing, configuring, and monitoring the policies and controls appropriate for customers’ data and applications.
To prepare for compliance, it’s important to establish security controls to prevent, detect, and respond to vulnerabilities and data breaches. Partners can help customers to monitor, analyze, and act on threat intelligence and user behavior information to effectively address vulnerabilities and breaches.
Keep required documentation, process data requests, and manage breach notifications to get ready for GDPR. Partners can offer administrative services to help customers meet their documentation requirements and notification obligations, and respond efficiently to data requests.
It’s important to remember this is not just an EU opportunity. Even though this is a European regulation, it will require compliance from non-EU organizations that do business with European customers.
Partners should download the GDPR Opportunity Overview to learn more.
Work with a partner who knows GDPR
Here at Microsoft, we’re working with partners globally to address customer needs around GDPR. We have several partners today offering Microsoft-based solutions that include an overall set of controls and capabilities to meet GDPR requirements.
Here’s a list of global partners we’re currently working with to meet the growing demand for GDPR support.
If you want to be included on this list of approved Microsoft GDPR partners, please contact your local account team. We’re always happy to welcome more security and compliance partners.
How are you preparing for GDPR compliance? Share your thoughts with the Microsoft Partner Community here.