With less than two months until GDPR becomes mandatory, Canonical is warning companies are risking business failure by leaving compliance until the last minute.
The legislation, which comes into law on 25th May 2018 and impacts all businesses based in Europe or trading with European companies, includes stringent fines for those who don't comply with the data protection regulations. Those firms which fail to comply will be hit with fines of up to €20 million or four per cent of global annual turnover, whichever is higher.
German hosting provider ITstrategen has already been working with Canonical to ensure its technology platforms are fully secure in advance of GDPR's introduction.
Thomas Reinhold, managing director of ITstrategen, explains the importance of acting early for the business and its customers: "With GDPR on the horizon, it is our duty to ensure our applications are as technologically secure as possible so data protection isn't an obstacle our customers need to overcome, letting them focus on the formal side of compliance such as creating legal agreements. This is why we worked closely with Canonical to ensure any clients still using legacy systems were covered and wouldn't be at risk of vast fines come next May.
"In a world where every business is now a technology business, it's vital companies study every element of their technology systems to ensure support windows aren't close to expiration. Once end of life is reached, the smallest fault could transform into a crisis with lengthy downtime and data breaches becoming a real possibility. Under the upcoming legislation, such issues will result in fines large enough to make even titans of industry wince so non-compliance isn't an option."
With GDPR around the corner, the data security issues posed by running legacy systems past their lifecycle increases hugely. Mark Baker, Field Product Manager, Canonical fears some businesses are failing to grasp the significance of the upcoming legislation, "GDPR is a big change in data security and compliance requirements and shouldn't be taken lightly. For many, compliance is just another obstacle to overcome but with the severity of the fines in place and the harm a data breach can cause in the modern age, no business can afford to bury their heads in the sand.
Companies should begin preparing, if they haven't already, by analysing their technology platforms to ensure they know where customer data is held and how it is managed. Once a full audit is carried out, it will be clear exactly what needs to happen to guarantee GDPR compliance and the right action can be taken. For those organisations which continue to ignore the upcoming changes, the fines and resultant reputational harm has the potential to cause even the largest of businesses to fail."