GDPR is a chance for managed services providers to really engage with the customers and take advantage of the focus it brings to the message. They should not be over-concerned about its impact, but should be taking steps to show compliance.
Dave Sobel (below), Senior Director of Partner Community at SolarWinds MSP, told a group of MSPs at a briefing last week: “There is a lot to do on getting customers ready for being secure. A lot of this will be about GDPR – where I think the law is incredible well thought-out from a framework perspective.”
“I am bullish on its impact – but at the same time, I can say that it is really not that important. The law is a great framework to work from, a great impetus to have a conversation. But I don’t think we’re going to see companies hit with a lot of massive fines.”
It is really an opportunity to get the house in order – to be GDPR-ready he says. “We may well have interesting test cases over the years as it plays out, but if you have made an effort and done the basics, and invested in security, it should not be a problem."
“I don’t the end-users are quite engaged yet. A lot of the campaigns around GDPR will start in January. My counsel is that it should be taken seriously but you should not get stressed out about it. By investing and working on it, you are addressing the spirit of the law.”
The first targets in lawsuits will be people with money, he predicts. “There is the reason why we have invested large sums in getting ready – it will be the larger firms in the spotlight. Your custoemrs who are SMBs are not the targets, but they may get collateral damage. As the regulations mature – then we will get to the fundamental of their operation, and putting in the effort now will count; don’t ignore it. I don’t want organisations to get scared, particularly over penalties.”
There may be well be some examples to get people in line, but no-one wants to stop commerce, he concludes.