The EU's General Data Protection Regulation (GDPR) intended to strengthen data protection is due to come into force in May 2018, yet new research from content management company Metalogix shows IT professionals in many countries aren't prepared for it.
Among the top IT considerations for a cloud archiving solution, GDPR readiness ranked only fourth, named by 26 per cent, behind security (79 per cent), administrative control (50 per cent), and service level agreements (44 per cent).
IT professionals in the DACH (Deutschland, Austria and Switzerland) region are three times as aware and concerned (77 per cent) about the implications of the GDPR as other regions including the rest of EMEA and North America.
"High awareness of GDPR in the DACH region showcases just how critical the regulation is to today's data protection and retention strategies," says Paul LaPorte, director of product marketing at Metalogix. "But, it also reveals that the lack of preparedness across other European countries and North America, where there are numerous global organisations operating under GDPR in the European Union (EU), can create great risk. IT and security executives need to become more deeply educated on the implications of GDPR - which can be as large as 20M Euros or 4 per cent of an organisation's annual revenue - so that they can better protect the personal data under their control and ensure compliance".
The study also finds that SharePoint administrators are among the most concerned (58 per cent) about GDPR while IT professionals responsible for archiving (26 per cent) and backup (20 per cent) were much less worried. This suggests that some applications, like SharePoint, may have greater compliance pressures than other application platforms.
With deeper knowledge of risky operations such as Shadow IT, where employees use unauthorised consumer applications for file sharing, SharePoint administrators are much more in tune with the dangers of failing to comply with GDPR.