Damon Robertson, Managing Director of data management solutions and business critical infrastructure firm Coolspirit, explains how how resellers can work with vendors on the on-going challenges of GDPR.
The challenges of GDPR did not end on the 25th May – in many ways, they have only just begun. At Coolspirit, many of our customers, have been reticent to make moves to address GDPR without further legislative clarification.
The practical upshot of this confusion is that many companies are singing from different hymn sheets – a lack of standardisation in the de facto GDPR business requirements from the ICO means that, on any given day, we can be processing any number of compliance forms from customers and vendors without a common set of questions running through them.
This creates an amount of paperwork we’ve not previously encountered, and means we have to reconsider the way we work. It is far more important that whatever aspects of our business can be streamlined, are. As such, vendors need to take additional steps to find ways to make their channel partners’ lives easier – for example, clear training resources, toolkits for sales and solutions that are easy to bundle as part of wider offerings.
GDPR solutions however are not about a product-led solution; it’s about addressing the legalities involved, and then supporting that with technology. This means our approach has to be different, as technology isn’t the ‘solution’ in this instance, and GDPR compliance falls to a new audience within our customers’ organisations.
While working with different groups within an organisation – namely IT and legal – can be a great opportunity, it does mean we need a different toolkit to best address different needs.
This is where vendors come in. Providing the relevant training resources to demonstrate how a solution maps to the GDPR and meets the business needs of a CDO or a legal professional is critical.
For example, to date, many vendors have offered webinars on the requirements of GDPR, and much of this has been used to promote different products. As the real impact of GDPR becomes clearer over the next few months, vendors will need to shift their strategy to meet the refined regulation and the concerns of the different audiences impacted. Working closer with their channel partners will help achieve this.
After overall strategy, message and guidance shifts, vendors will have to look at their products. From a technical perspective, adhering to GDPR takes investment. For example, to fulfil a subject data access request you may need to search through many millions of objects, and for that scale, you need powerful hardware and analytics. While the actual financial business impact of GDPR becomes clearer, we’re still approaching that tipping point when the cost of implementation and the ROI are balanced.
Vendors and resellers will need to work as educators here, helping customers understand why different GDPR solutions, while expensive, will pay off in the long run – and not just for compliance purposes – but also for the wider business value of better data management processes.
To help the channel, vendors need to hone in on exactly how their product helps with specific aspects of GDPR compliance, and focus in on them. Most customers should be well aware that there is no single point solution, but different technologies will need to work in tandem to fulfil the requirements of GDPR. For example, encryption software has already become more popular, but data management technology is also needed – particularly for sensitive data. This is where something like Commvault Sensitive Data Governance comes in – having a solution that can both protect and index sensitive data is immensely powerful, and a key piece of the puzzle that we can provide to our customers.
The opportunity for us in the channel is not ‘a quick buck’ by any means. While many may have jumped on the marketing opportunity for new products and solutions, the long-term benefits will be one of closer relationships with customers, and working with vendors to provide the best compliance solution for their individual business environments.