The deadline to comply with the General Data Protection Regulation (GDPR) is getting closer (25th May 2018). This new edict will offer great opportunities for companies to strengthen customer trust by bringing them more personalized solutions, resulting in greater satisfaction. Compliance can save companies from paying hefty fines, as well as bring long-term reputational gains and better understanding of their customers.
Data confidentiality will become vital in a post-GDPR world. In order to ensure it, companies will have to pay closer attention to DNS (Domain Name System). Over 90% of malware use DNS to gain command and control, exfiltrate data or redirect traffic. Hackers often remain undetected because DNS is rarely monitored and analyzed, so most malicious activity usually slips under the radar. This makes DNS exfiltration an “easier” option than other means of data theft. Recent research showed 32% of companies have intellectual property stolen by data exfiltration via DNS.
Companies can show their customers that their personal information is in good hands by making sure data privacy is respected throughout the organization. By implementing a highly secure DNS system to act as a gatekeeper, organizations can help ensure data confidentiality as advanced DNS security features are able to detect and block suspicious activity.
Being GDPR compliant enhances customer trust
GDPR is currently viewed by most organizations at best as an annoyance, and at worst as a threat to their productivity. Sadly, in the news it is mostly associated with heavy fines, a conundrum for every IT and legal department, and HR hell for teams having to hire, assign or promote a data protection officer (DPO).
However, despite the bad press, GDPR will result in reinforced customer confidence. As companies grow more transparent as to how they handle their customers’ personal data and private information, their reputation can only improve if they are well-prepared. Implementing solutions to protect data could restore trust that has been wavering with the recent string of cyber attacks hitting large businesses (Equifax, Deloitte, HBO) and a number of hard-hitting malware (WannaCry, NotPetya, BadRabbit).
Only organizations willing to go the extra mile will be able to differentiate themselves, those utilizing specialized DNS protection and not relying only on outdated legacy firewall solutions. Duncan Brown, Associate Vice President at IDC, explained: “Enhanced DNS security is an added layer of protection when considering security and privacy for the network, data, and customers, while preserving reputation and enabling GDPR compliance”.
GDPR recommendations are for the organizations’ own good
GDPR will help organizations provide a customer-centric security solution which differentiate them positively in the customer’s mind. Data theft and outages are major customer concerns, as their impact is not just financial as it also causes lasting brand damage.
The Macy’s outage on Black Friday last year and its credit card system outage this year has taken a toll on the brand’s reputation. These issues are costing billions to retailers each year. UK retailers look prepared to prevent online outages, but the resulting queues is not the experience customers were looking for when shopping online.
Brand damage will result in customer churn, but it can be avoided by reducing data theft and ensuring the business is operational at all times. Data privacy will also be taken more seriously, encouraging companies to manage their data more effectively, consolidating it into a unified platform: being able to locate, analyze and report on the data.
GDPR is driving businesses toward those positive changes that will help them retain and gain customers by complying with the recommendations of the regulation and taking necessary steps toward customer satisfaction. Smart organizations will be prepared in advance of the GDPR deadline in May 2018. They will reap short and long term benefits.
Five advantages for well-prepared organizations
- Financial benefits: Increased trust in online services will not only allow companies to retain more customers, it will also attract new ones as confidence in an organization and its secure services grows. E-commerce and Financial Services organizations are sure to reap direct tangible benefits.
- Reduced cost for breach remediation: Organizations are currently paying the price for every data breach, losing manpower and time fixing them.
- Long term reputation and brand image benefits: Doing everything you can to detect threats and avoid breaches reduces the risk of being caught in a negligence scandal, making compliant businesses a respected service provider to the increasing security-conscious customer.
- Innovation benefits: Innovative businesses can deliver relevant data protection technologies, avoiding outages and overflow of traffic, and offering flexible solutions. Innovating network operations and services will have a positive impact on consumers.
- Bringing the company closer to the customer’s concern – their data: A customer-centric approach to data and going beyond compliance is a strong differentiator, and will bring companies closer to the customer as they share the same concern for their privacy.
The good news about GDPR, data protection and data management
GDPR doesn’t have to be a series of chores, or an IT ordeal. The right security infrastructure, an effective data management process and above all a real commitment from the company to be customer-centric can bring immediate, real benefits. Companies which understand this will be the true winners, gaining long term customer loyalty.IDC - GDPR and DNS-based data breaches