View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cloud
October 27, 2017

Why GDPR is the perfect time to overcome inefficiencies & future proof your business 

Don't be discouraged by the challenges that come with reshaping the way their organisation approaches data privacy. 

By James Nunns

More data will be created in 2017 than in the last 5,000 years combined . The digital age has brought with it a proliferation of new platforms, applications and devices that are fuelling the unprecedented creation of content. In fact, Gartner predicts we’ll see an 800% growth in data volume in the next five years — 80% of which will be unstructured.

While more data provides greater intelligence, and with that better business

David Benjamin, GM and SVP EMEA, Box.

opportunities, it also comes with a challenge. As the amount of data continues to grow, it’s becoming harder, costlier and more time-consuming to keep track of it all. This is particularly so against a backdrop of increasing compliance pressures and hurdles, which enterprises now need to manage daily. These legislative requirements can be highly complex, non-prescriptive and time consuming, yet non-compliance can lead to serious financial and reputational damage.

The latest legislation to affect businesses is, of course, the General Data Protection Regulation, (GDPR). From 25 May 2018, when the legislation comes into effect, there will be considerable impact on how all business collect, process, use and share data. The impact will be felt widely, as it effects every business department, across all industries.

In order to be compliant with the GDPR, businesses will need to employ stricter data security. They will need to have more granular personal privacy handling obligations, and very likely more investigations and audits.

While the GDPR is seen by many as a turning point, providing an opportunity for companies to make big improvements to their data collection, stewardship and sharing, it won’t be the last compliance hurdle businesses will face.

Of course, companies need to ensure they comply with the new rules, however within the moving landscape of data privacy, data residency and industry specific regulation, they need to make sure that any updates and improvements they make now, future proofs the business to minimise chances of exposure as new legislation arises and existing legislations change and develop.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Ultimately, all compliance is based on data visibility – understanding the data and information that your business is in possession of. And it’s here where, long-term machine learning and eventually artificial intelligence will be incredibly valuable.



Compliance is an area ripe for innovation. With so much data and content being created, businesses are no longer able to manage and track through manual processing. Long-term machine learning and intelligence is the only scalable way to solve the compliance challenge and provide businesses with a better understanding of the data and information they possess, and support the building of a platform for business analysis based on accurate, concise, and clear information.

The rate of innovation in machine learning is staggering, but to extract value from these innovations to cultivate a modern compliance and security model, businesses need to operate in a cloud environment, and there are numerous benefits to this which reach all aspects of the business.

For example, businesses can now for the first time ever, leverage state-of-the-art machine learning tools such as computer vision, video indexing, and sentiment analysis and apply them to a wide range of content. With these, individual pieces of content will have automatic, intelligent metadata which is revolutionising how people manage a range of content, streamline workflows, establish retention policies, and apply classification, to name only a few.


Data Residency

One area that organisations need to be particularly aware of is the complex and varying regional and local data residency laws, which require attention to detail and a clear strategy, considering the potential penalties available under GDPR if companies fail to comply with cross-country data protection laws.

The public cloud delivers cost savings by locating in different parts of the world, however, it’s important to do your due diligence and research the cloud content management providers that you partner with. This includes selecting those that have a longstanding reputation for security, have built a clear infrastructure, and demonstrate accountability and good governance. At Box, for example, we have created Box Zones that allow data to remain within countries, we work closely with Europe’s Data Protection Authorities (DPAs), and have received approval for our Binding Corporate Rules (BCRs), we also have Privacy Shield, TCDP and C5.

The GDPR is providing organisations an opportune moment in time to address long-standing inefficiencies to increase security, and build a strong platform for intelligent insights that will take them into a new era of compliance. When doing so, they must embrace the opportunity to reimagine compliance and future proof their business beyond the GDPR, and not be discouraged by the challenges that come with reshaping the way their organisation approaches data privacy.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.