How Acronis VARs Can Package, Market and Sell GDPR-Compliant Data Protection Products
The European Union (EU) General Data Protection Regulation (GDPR) that is coming into effect on May 25, 2018 presents a great opportunity for Acronis value-added resellers (VARs) to offer GDPR-compliant products to companies and organizations affected by the new regulation.
As described in earlier essays on this blog, GDPR is designed to regulate the processing of personal data of European Union residents irrespective of whether the company handling that data is based in Europe or not. If a business captures any personal data in the process of offering goods or services to EU residents, including tracking their browsing behavior with website cookies, it will have to observe these new GDPR regulations.
Millions of business entities will be affected, with hefty fines for non-compliance amounting up to 20 million euros (or four percent of the annual revenue, whichever is greater). Businesses with customers in the EU are either rushing to assess their procedures in order to get ready for the May 2018 cutover, or are about to be caught flat-footed and will be scrambling to catch up after the deadline has passed.
In both cases, Acronis VARs can help businesses and organizations to improve their GDPR compliance posture with appropriate upgrades to IT infrastructure and services for storage, data protection, disaster recovery, and file sync & share.
1. Familiarize yourself with the new regulation
In order to help your customers, you need to study and understand the new regulations. Acronis blogs, articles, and training webinars are a good place to start. You may also go back to the source and review the official European Union GDPR website (or this nicely laid-out alternative). The United Kingdom Information Commissioner’s Office also published The Guide to the GDPR, which is specifically designed to help organizations comply with the new requirements.
2. Prepare a compliance checklist
Different companies may have different compliance levels to meet. In order to help your clients, you need to understand their gaps between their current infrastructure and where they need to be to achieve compliance. For example, a company may currently have a GDPR-compliant data protection solution in place, but is storing its data outside of the EU in potential violation of GDPR compliance requirements. Or it may have GDPR-compliant storage but struggle with organizing and searching personal data. Every client and every company will have different needs, so a comprehensive requirements checklist can really help.
3. Package Acronis solutions to address specific needs
Storage. Acronis provides GDPR-compliant cloud storage with secure data centers located in Germany, France, Switzerland, and the United Kingdom. These ultra-secure and internationally-compliant data centers are certified with PCI DSS, HIPAA, ISO 9001, ISO 27001, ISO 22301 and other security certifications. Customers can choose where to store their data and can protect backups with strong AES-256 encryption.
If there is a need for secure data storage in a local data center, Acronis Storage Software Defined Storage (SDS) may meet your customer’s needs. This universal, cost-efficient, easy-to-use and scalable SDS solution offers universal storage for block, file and object workloads, and comes with the high levels of security required by GDPR.
Data protection. Acronis offers innovative data protection solutions for businesses and service providers, simplifying GDPR compliance on that score. Acronis Backup 12.5 Standard and Advanced editions offer easy and reliable protection of personal data in a GDPR compliant way. Businesses can choose where to store the protected data and defend it against tampering and theft with strong encryption. It includes powerful search functionality and advanced features such as blockchain-based data certification and active protection against ransomware.
For service providers, Acronis Backup Cloud enables delivery of the same level of data protection as a service, with a flexibility of servicing an unlimited number of businesses.
Security. GDPR is primarily concerned with the security of personal data, which calls for strong levels of encryption to keep the data protected at all times. Acronis data protection solutions offer strong security in the form of AES encryption on-device, SSL/TLS encryption in transit, and AES encryption at rest in Acronis Storage. Role-based access to protected devices ensures confidentiality of data within the organization. Customizable alerts and reports enhance data control and monitoring.
Innovative features. Acronis data protection and storage solutions offer privacy by design and by default. Acronis Notary offers easy certification of personal data via blockchain-based technology. Acronis Active Protection offers AI-driven detection and blocking of ransomware attacks to prevent personal data destruction and alteration, as well as instant recovery of personal data in the wake of a ransomware attack.
Acronis offers many of the required data protection components to help your customers achieve GDPR compliance. Selling GDPR-compliant data protection and storage presents Acronis VARs and service provider partners with a great business opportunity that should not be missed. To take advantage of it, start by explaining GDPR requirements to your customers and demonstrating how the identified problem areas can be solved reliably and cost-effectively with Acronis.
- GDPR Primer — General Concepts
- Five Top Questions for GDPR Compliance
- Understanding GDPR Through the Lens of Sarbannes-Oxley (SOX)