…they currently have a solid compliance strategy in place, with firewalls, VPN and encryption identified as the security measures most likely to be involved in these strategies.
However, more than half (51 percent) believe that their organization will need to make significant changes to their IT infrastructure in order to comply. As such, time is running out, and companies are feeling the pressure. Respondents from organizations that are not yet GDPR-compliant estimate it will take an average of seven months to complete the requirements, according to WatchGuard.
“The challenge for the channel is the same as every other organization — to become compliant themselves,” Hillstrom said. “Managed service providers (MSPs), for example, will likely need to collect IP addresses from EU citizens on behalf of their customers — and may collect many other types of information that the GDPR considers personal data in addition to IP address. This means that they need to comply themselves. And, even if the channel organization is not required to comply, it may be demanded from customers if you are providing GDPR compliance services — as proof of your capabilities.”