NetApp: Robust It Infrastructures to Aid UAE Businesses in Ensuring Compliance With GDPR

The widespread adoption of digitization initiatives across the Middle East has also resulted in the growing vulnerability to cyber-attacks. The Telecommunications Regulatory Authority (TRA) alone foiled a total of 86 cyber-attacks against government, semi-government and private sector entities in the UAE during the first two months of 2018. If adequate measures are not taken to mitigate the risk, cyber-attacks will continue to disrupt the progress of digital transformation, which can in turn slow down economic growth.

In the light of continuing cyber threats, immediate adoption of information management solutions and legislations such as the EU’s General Data Protection Regulation (GDPR) are becoming imperative. According to GDPR- approved by the EU Parliament in April 2016 - any organization that does business in or has possession of data on residents in the European Union needs to be able to secure, identify, and delete personal data.

The enforcement of GDPR on May 25, 2018, is set to affect a number of GCC organizations as well. Organizations that have a branch, subsidiary or single representative in the EU; organizations that do not have a physical presence in the EU, but offer goods or services to data subjects in the EU; and businesses that neither have a physical presence in the EU nor offer goods or services to people in the EU, but monitor the online behavior of data subjects in the EU, are required to ensure compliance with GDPR. With the deadline fast approaching, many GCC organizations are yet to begin the processes, risk lagging behind and facing penalties.

With six weeks to go until GDPR deadline, NetApp’s global research has found that the 1,106 IT decision makers surveyed across major markets are united in their concerns. One-third of respondents say that the impact of noncompliance with GDPR puts the survival of their business at stake. At the same time, two-thirds of respondents expressed some level of concern about achieving compliance by the deadline.

Under GDPR, every business that deals with the personal data of an EU citizen must know where their data is stored at all times. This knowledge is the first step toward GDPR compliance. However, the survey shows that knowledge levels are low globally, with only 40 per cent of respondents stating that they can say with confidence where all of their data is stored. U.S. respondents are the most confident (52 per cent). Across EMEA, confidence is much lower (just 35 per cent), which is only 10 per cent higher compared to NetApp’s survey results in 2017.

The survey, which was completed by Opinion Matters in March 2018, included 1,106 C-suite managers, CIOs, and IT managers responsible for or involved in IT buying decisions, working in companies with 100 or more employees.

Alexander Wallner, NetApp Senior Vice President and General Manager EMEA, said: “The GDPR, data compliance, and privacy questions will undoubtedly affect businesses that touch EU citizens’ data. But there is good news, in spite of the approaching deadline, the whole ecosystem is responding to the requirements of GDPR, from resellers to hyperscale cloud providers to manufacturers. Enterprises can tap into this expertise, build up resources, and future proof businesses with GDPR compliant data management.”

Fadi Kanafani, Regional Director Middle East & Africa, NetApp, said: “The level of awareness on the implications of the GDPR deadline is relatively low in the region and that could be the major reason behind the slow pace of activities aimed at ensuring compliance. Organizations will need three to six months to assess their current level of compliance, another three months to fortify their systems and an additional three months to roll out the infrastructure. Companies in the UAE do not shy away from investing in robust IT infrastructure and that will be an advantage in navigating this challenge.”

NetApp and GDPR

NetApp understands the process and legal requirements that GDPR imposes on organizations that store, process, or hold data on EU residents. NetApp is one of fewer than 100 companies in the world that have EU-approved Binding Corporate Rules (BCRs), and NetApp partners with the world’s top governance, risk, and compliance (GRC) consultancies and e-discovery vendors. NetApp can help customers integrate NetApp^® and partner technologies to enable them to identify where personal information is held, improve their data management and governance processes, and build GDPR-compliant processes into their day-to-day activities.