Resellers Must Help Clients Through The Regulation Maze
Read original article here: http://www.channelnomics.eu/channelnomics-eu/opinion/2470043/resellers-must-help-clients-through-the-regulation-maze
Today's headlines are full of ransomware, retail customer data breaches and routine government surveillance of online traffic. The latest battle between the FBI and Apple over unlocking an iPhone is just one of the stories that has made digital data security a daily concern.
While teens on Facebook may not worry about who's looking at their posts, CEOs in the boardroom have a real problem to solve. Not only do large enterprises have to protect themselves against data breaches, they must follow a complex maze of privacy and data-hosting laws that vary by country and state. With the multitude of laws in place this is where channel partners can act as true trusted advisers, becoming real experts in the field and providing much needed support to businesses.
Security and compliance can become much more difficult thanks to a shift that otherwise makes IT easier and less expensive. Moving IT operations to the cloud has many advantages, but by placing data in the hands of a cloud vendor, companies frequently surrender a lot of control over that data – where it is stored, how it is handled, and how it is secured.
Furthermore, most customers have no idea of the physical location of the datacentre holding their information, creating an immediate compliance problem with EU data privacy and hosting regulations. Ultimately, non-compliance will be costly – the recently approved EU General Data Protection Regulation (GDPR) includes a provision to fine companies up to four per cent of their annual global revenue for non-compliance.
As a partner, providing choices to your customers as to where their content is stored is crucial to their ability to meet all those requirements. Indeed, data sovereignty has become increasingly important in the wake of the collapse of Safe Harbour, so companies need cloud solutions that enable them to maintain the highest levels of visibility and control over their data. Given such regulations as GDPR, it is critical for partners to help global enterprises ensure they remain in compliance with regional privacy laws, protect employee personal information and preserve the confidentiality of valuable corporate intellectual property.
So when considering a cloud solution, partners must ensure that they are encouraging their customers to factor flexibility of location into their purchase decision. The ability to use private cloud, public cloud, and/or on-premises storage within a single account will offer global enterprises a flexible range of options. Along with that, partners should look for a cloud vendor that offers their customer's IT department maximum visibility and control to choose the right storage location, based on national sovereignty, data sensitivity, and other factors that concern regulators.
Another crucial aspect that partners need to take into consideration for their customers is the security of the data – in particular, who controls access. It is impossible for an enterprise customer to know if there is a hidden back door in the vendor's system that might allow law enforcement (or a clever hacker) to access the most sensitive information of the enterprise. More importantly, should the FBI or NSA come calling, the enterprise has no way to know whether their vendor will allow those agencies access to data or if the vendor has agreed to the routine surveillance of their systems and, therefore, the customer data stored there.
As custodians of the information entrusted to them by customers, cloud vendors have a duty to include the highest levels of security to protect that data, and leave partners secure in the knowledge that their customer's data is safe and their reputation is not on the line.
These are enormously important issues and companies that want to be in the business of managing data for others must take them seriously. Doing anything less than this is an abject failure by the vendor. Partners need to make these issues a central part of deciding which vendors to partner with. Not doing so puts their customer's business – and data – in jeopardy.