GDPR is coming – how security ready are you?

Andy Lilly discusses how securing your mobile communications could be a key step in meeting the new GDPR regulations

The new General Data Protection Regulation (GDPR) comes into force on 25^th May 2018 and you are probably starting to consider what it will mean for your company. A lot has already been written about GDPR, which will override current national data protection laws. In a nutshell, it includes new and more detailed legislation for managing and protecting personal data, meaning that all organisations will need to review their policies and practices to ensure that they comply.

Many are seeing the introduction of the new regulations as a positive step. It encompasses how personal data is managed, processed and deleted – and in particular, how it is lawfully and fairly protected by documented security measures. GDPR is clear in that it encompasses all of a company’s data (including that held in marketing, sales and finance) when dealing with EU citizens. With many companies using mobiles to communicate with customers, it also means that texts and messaging, whether internal or external, will be considered within the new data laws.

With non-compliance fines of up to €20m or 4% of global turnover, not to mention reputational damage, companies ignore the new legislation at their peril. According to ICO Information Commissioner Elizabeth Denham¹; “If your organisation can’t demonstrate that good data protection is a cornerstone of your business policy and practices, you’re leaving your organisation open to enforcement action that can damage both public reputation and bank balance.”

Getting your ducks in a row

Whatever their business, all companies will need to get their ducks in a row when it comes to data retention, compliance and security. Governance will play an enhanced role under GDPR and you will have to ensure that you have appropriate systems and processes in place to be able to manage and monitor all data under the new rules. Accountability is also important so as well as complying, you will have to be able to demonstrate how you comply.

On a practical note, with Armour Mobile your organisation can ensure data and messaging communications are entirely secure whether in transit or stored, either with our cloud solution once you have licensed your mobile devices with us, or with our Armour on-premises solution. In fact, the latter allows your organisation to configure and manage your secure communications service in total privacy, restricting any outside connections.

We can also provide secure voice communications between your mobile and other voice systems (e.g. desk phones within your office) or services (voicemail or conferencing). Securing messaging and voice communications in these ways provides robust audit trails to support compliance and due diligence of the new privacy rules.

GDPR will mean that all organisations will have to start thinking about data in a different way – adopting Armour for your mobile communications could be a big tick in the first steps towards achieving compliance.