~This blog was written by MPN; how are you preparing for GDPR compliance? Please share your experiences below~
For months now, we‘ve heard with increasing urgency about the need to prepare for the General Data Protection Regulation (GDPR) coming out of the European Union. As of today, we’re facing a 6-month countdown to the May 25, 2018 deadline for GDPR compliance. Now is the time to jump in and help.
“Partners can play a critical role in helping commercial customers adapt to the new regulation. Customers are looking for help from partners to assess their GDPR readiness. That includes evaluating their existing technology environments. The customer lifetime value of that assessment is very promising—including managed services, change management, technology reselling and support, end user training, and deployment services.” —Diana Pallis, Director of Office 365 Partner Marketing
Preparing for the opportunity
IDC estimates this regulation represents a $3.5 billion security products and services opportunity for partners and customers working to comply with GDPR rules. A recent study shows 75 percent of US companies that consider GDPR a top priority have budgeted $1 million or more to become compliant. In Europe, that figure ranges from €100,000 to a few million, depending on an organization’s status quo according to the recent Forrester report, Assess Your Data Privacy Practices with the Forrester Privacy and GDPR Maturity Model.
Partners getting ready to help customers with GDPR are thinking about their services in four key ways:
Partners need to identify and take inventory of any personal data their organization or their customers have collected. Partners today can perform security and risk assessments, locate relevant personal data, and develop a plan to achieve and maintain compliance.
Take time to govern how personal data is used and accessed by classifying it for better accessibility. Partners can work with their customers to develop, implement, and manage compliance plans by designing, configuring, and monitoring the policies and controls appropriate for customers’ data and applications.
To prepare for compliance, it’s important to establish security controls to prevent, detect, and respond to vulnerabilities and data breaches. Partners can help customers to monitor, analyze, and act on threat intelligence and user behavior information to effectively address vulnerabilities and breaches.
Keep required documentation, process data requests, and manage breach notifications to get ready for GDPR. Partners can offer administrative services to help customers meet their documentation requirements and notification obligations, and respond efficiently to data requests.
It’s important to remember this is not just an EU opportunity. Even though this is a European regulation, it will require compliance from non-EU organizations that do business with European customers.
Partners should download the GDPR Opportunity Overview to learn more.
Work with a partner who knows GDPR
Here at Microsoft, we’re working with partners globally to address customer needs around GDPR. We have several partners today offering Microsoft-based solutions that include an overall set of controls and capabilities to meet GDPR requirements.
Here’s a list of global partners we’re currently working with to meet the growing demand for GDPR support:
|ACP IT Solutions||FWI Group||Patriot Consulting Technology Group LLC|
|AGIC Technologies||Global Info||PerenneIT|
|Ai3||Globeteam||Performanta UK Ltd.|
|Alphacom Finland OY||GTI Software & Networking||Pipeline Courseware & Software Houe SRL|
|Altitude 365||Horizons||Post Group|
|Altogee||ICT Spirit||Prodware SA|
|Atea||Inergy Analytical Solutions B.V.||Projetlys|
|Avanade||Intelligent Studios||Robert Half Technology|
|Axians||Intellinet Corporation||S&T AG|
|BDO Global||JDM A/S||Seelogic Ltd|
|Bechtle AG||Kentico||Softjam S.p.A.|
|Combitech||Mega INTL||Successfully Managed Services NL B.V.|
|Comparex||MESA S.r.l.||Synergics c.v.b.a|
|Core Technology Systems||M-Files Corporation||TechQuaters|
|Corporate Project Solutions Limited||Minttulip Limited||Tryade|
|Crayon||Motion10||Ultima Business Solutions Ltd.|
|D4t4 Solutions||NEOS SDI||Valid|
|Datalytyx||Network One Distribution S.r.l||Vnext|
|Dimension Data||Neurones||WeSafe IT|
|Dinotronic AG||Novencia||West IP Communications Inc.|
|Econocom||Objektkultur||Winvision Holding B.V.|
|ESC.BE||On Direct Business Services Ltd|
|Experteq IT Services||Onrego Oy|
If you want to be included on this list of approved Microsoft GDPR partners, please contact your local account team. We’re always happy to welcome more security and compliance partners.
How are you preparing for GDPR compliance? Share your thoughts below.
GDPR is important! Initially it's for the European Union, but will most likely going to be an inspiration for other parts of the globe! Not only is it something that you can't neglect - it's also a great opportunity for partners to build services around.
This opportunity spans over multiple partner types and all verticals so it's a game changer for the ones that want to grow their business. For the ones that want, it will be hard not to find a way to come up with relevant offerings. :-)
I see GDPR as a great play for Learning Partners to educate both partners and customers. I see that SIs will be very important in onboarding but they will also be able to find recurring revenue if they come up with relevant Managed Services offerings. Security Partners are a given but also Management Consultants will have a great play here.
I am personally excited for the ones that have automated cloud based services (with no human interaction) and a bit of AI and I'm looking for these to invest in (but that's just my personal agenda).
We are a Silver partner and would like to see how we can be part of this list.
We have a wide spread of GDPR offerign when it comes to rediness and training.
Sounds like you have the foundation for being successful! My suggestion is that you take your offerings around GDPR and promote them to your audience. Perhaps your offerings are horizontal (all Industries) or perhaps they are tailored specifically to a certain vertical. In my opinion you can be successful both ways but you probably need to decide which is your audience.
Other questions to think about are; a) how to leverage digital marketing, b) which languages/countries within the European Union and c) will you sell direct or indirect?.
GDPR is a great opportunity and everyone needs readiness and training.
Do you have site feedback? Post here