The big data protection shake-up: how to protect companies who are under-prepared
By Neil Bramley, B2B Client Solutions Business Unit Director, Toshiba Northern Europe
With the new General Data Protection Regulation (GDPR) coming into force next year, never has it been more important for European organisations to identify ways to best manage their data.
Yet many companies are still worryingly under-prepared for what will be the most significant shake-up of data protection law for 20 years.
According to Gartner, over 50 per cent of companies affected by the new regulation will not be in full compliance with its requirements come May 25th, 2018 – the date GDPR comes into effect.
Twelve months is not a long time in IT, especially when considering the heightened risks associated with mobile working, and the vast and ever-increasing swathes of business critical or consumer data today’s businesses manage of a day to day basis.
Not only will GDPR subject organisations to severe penalties should they fall foul of the regulation – facing the risks of penalties, fines and even legal action – but the threats surrounding IT security and data protection continue to grow. One only has to look at the recent WannaCry ransomware cyber-attack, which spread across 150 countries across Asia and Europe, attacking organisations including Spanish mobile operator Telefonica, the UK’s NHS, and Germany’s Deutsche Bahn.
With all of this in mind, it’s clear that CIOs and IT leaders have a challenging task ahead in ensuring not only that they meet the requirements of GDPR, but are also robustly prepared to address the incalculable number of cyber threats circulating around the world’s IT networks each and every day. So how can such threats be minimised and averted?
Today’s working environment can be anywhere – whether that be in the office, at home, on train, or in a coffee shop. Clearly employees need devices which will allow them the flexibility to work productively in any environment. Yet employees are often the weakest link in an IT security chain.
While business-built devices can offer a strong first barrier, often equipped with features including biometric finger-print scanners, it is time for organisations to consider solutions which shift sensitive data away from a set device and centralise permissions and data access management.
Unlike historical thin client solutions, zero client solutions contain no locally installed operating system, HDD or SDD, and don’t allow any data to be hosted on the device – instead using it purely as a sophisticated mobile terminal. Both functionality and data is made available through a user’s existing VDI solution, removing the threat of malware being stored on the device and data theft in the event the device is lost or stolen – helping organisations remove the threat away from the hands of employees, and help comply with the GDPR.
Business leaders will undoubtedly be placing both more trust and responsibility on their CIOs and within the IT teams as they look to adhere to the new regulation. With this added responsibility comes greater pressure for senior IT staff as the ramifications of a security breach heighten.
Organisations found to be in breach of the GDPR will be subject to a fine of either up to 4 per cent of annual global turnover or €20m – whichever is greater. Security has to therefore be the number one priority within any IT strategy.
GfK and VMware: Innovating together on hybrid cloud
GfK has been the global leader in data and analytics for more than 85 years, supplying its clients with optimised decision inputs.
In its capacity as a strategic and technical partner, VMware has been walking GfK along its digital transformation path for over a decade.
“We are a demanding and singularly dynamic customer, which is why a close partnership with VMware is integral to the success of everyone involved,” said Joerg Hesselink, Global Head of Infrastructure, GfK IT Services.
Four years ago, the Nuremberg-based researcher expanded its on-premises infrastructure by introducing VMware vRealize Automation. In doing so, it laid a solid foundation, resulting in a self-service hybrid-cloud environment.
By expanding on the basis of VMware Cloud on AWS and VMware Cloud Foundation with vRealize Cloud Management, GfK has given itself a secure infrastructure and reliable operations by efficiently operating processes, policies, people and tools in both private and public cloud environments.
One important step for GfK involved migrating from multiple cloud providers to just a single one. The team chose VMware.
“VMware is the market leader for on-premises virtualisation and hybrid-cloud solutions, so it was only logical to tackle the next project for the future together,” says Hesselink.
Migration to the VMware-based environment was integrated into existing hardware simply and smoothly in April 2020. Going forward, GfK’s new hybrid cloud model will establish a harmonised core system complete with VMware Cloud on AWS, VMware Cloud Foundation with vRealize Cloud Management and a volume rising from an initial 500 VMs to a total of 4,000 VMs.
“We are modernising, protecting and scaling our applications with the world’s leading hybrid cloud solution: VMware Cloud on AWS, following VMware on Google Cloud Platform,” adds Hesselink.
The hybrid cloud-based infrastructure also empowers GfK to respond to new and future projects with astonishing agility: Resources can now be shifted quickly and easily from the private to the public cloud – without modifying the nature of interaction with the environment.
The gfknewron project is a good example – the company’s latest AI-powered product is based exclusively on public cloud technology. The consistency guaranteed by VMware Cloud on AWS eases the burden on both regular staff and the IT team. Better still, since the teams are already familiar with the VMware environment, the learning curve for upskilling is short.
One very important factor for the GfK was that VMware Cloud on AWS constituted an investment in future-proof technology that will stay relevant.
“The new cloud-based infrastructure comprising VMware Cloud on AWS and VMware Cloud Foundation forges a successful link between on-premises and cloud-based solutions,” says Hesselink. “That in turn enables GfK to efficiently develop its own modern applications and solutions.
“In market research, everything is data-driven. So, we need the best technological basis to efficiently process large volumes of data and consistently distill them into logical insights that genuinely benefit the client.
“We transform data and information into actionable knowledge that serves as a sustainable driver of business growth. VMware Cloud on AWS is an investment in a platform that helps us be well prepared for whatever the future may hold.”