What is the GDPR?
The General Data Protection Regulation is a European regulation which aims at harmonizing and reshaping the way organizations handle personal data. Any information related to a natural person must be stored with the consent of the data subject in a secure place under the control of the company processing the data, so that the company can ensure the privacy of its customers. Fines are significant. Merely not having clear records on how data is han- dled and where it is can incur fines of up to 2 % of annual global turnover, with fines for clear violations going up to 4 % or EUR 20 million, whichever is greater.
Soon, the General Data Protection Regulation goes into effect in Europe. This law makes your company liable for any deviations from an extremely high data security standard: even ‘leaking’ email addresses of people on your email list is an offense with an associated fine. Any business-to-consumer company, but also many B2B enterprises will have to ensure they have their data under control.
If you’re responsible for the IT in your company, you have to ask yourself: how certain am I that my employees keep company data in places where I can see, protect and control it? How often do they email documents with customer’s personal data (if only name or email address…) around? Or even share them via consumer file sync and share like Dropbox or Google Drive?
While this used to be tolerated, it will not be considered acceptable anymore. Everybody is feeling the shift: Austrian lawyer Max Schrems, famous for getting the Safe Harbor agreement with the USA thrown out by suing Facebook, recently co-founded noyb. None of Your Business is an effort to built a legal fund to sue companies into compliance with GDPR, something explicitly encouraged by the legislation. Organizations like noyb will force a reckoning in the IT industry: get reliable compliance in order or get sued!
The main issue is a lack of alignment between business and compliance goals. As the person responsible for IT, you are judged on compliance and costs. But most employees in your company are evaluated on productivity! If you start limiting the size of attachments and use old-fashioned Windows Network Drive with its tight access permissions that are always one step behind reality, you’re fighting your entire workforce. And people will use their private Gmail or Dropbox account to email urgent attachments around and get work done… The rules you set are nothing if they don’t result in actual compliance.
There is only one thing to do: making sure that compliance goes alongside with productivity.
This is where a private Enterprise File Sync and Share solution comes in!
You already have a Windows Network Drive or a NFS server? A SharePoint perhaps? Excellent. Keep them and provide easy file sync and share on top with Nextcloud! Your employees will have a solution that is as easy as the consumer technologies they are used to from Google, Apple and Dropbox, complete with mobile and desktop clients. And you have powerful tools to keep the data under control!
Of course, employees can send documents-v4_reviewed_jan3-2-final-final.docx around but that isn’t really the best way of keeping track, nor of collaborating on anything. Realtime, collaborative online document editing is the most productive way to go and Nextcloud offers this in partnership with Collabora Online.
Learn about Collabora Online in Nextcloud.
Email is still the backbone of the work force. But it is quite an old technology. Especially email attachments tend to be the bane of IT administrators trying to keep storage from ballooning and data from leaving company premises. Nextcloud offers Outlook integration which can automatically replace attachments with links to the internal storage system, allowing policies to remain in effect!
Learn about Nextcloud Outlook Integration.
On top of tools like email and file share, audio/video calls and chat are quickly becoming more popular tools to enable and advance productivity and communication. Nextcloud features built-in capabilities for secure calls and text communication!
Learn more about audio/video calls in Nextcloud.
Perhaps the biggest question should be: can this new technology be integrated into my current infrastructure? The answer is: yes. Nextcloud offers user directory integration, external storage and many other points-of-contact between your existing tools and processes and the compliant future.
For Nextcloud customers, security tends to be the primary concern. We thus have done what we can to ensure develop features that keep data safe using secure development processes and extensive internal and external reviews. In addition to in-transit and server-side encryption, our unique end-to-end encryption solution allows administrators to ensure the utmost protection for a subset of data from even a full server breach.
Nextcloud offers a set of tools which integrates into your existing infrastructure and offers control and compliance without requiring costly migrations or constant manual policy enforcement and surveillance of your users. Find out more and take your first steps towards security for both you and your business today! Contact us now.