Data Protection

Don’t Forget the Crucial “Last Kilometre” When Planning for GDPR

Stéphane Reboud By Stéphane Reboud Vice President, Support and Deployment Services Sales, EMEA May 16, 2018

How many times have you walked from an oddly placed train station wondering who chose to build the station at this location? Why didn’t they put it on the other side of the road nearer the football stadium, shopping centre, or the business park?

Or maybe you’ve been promised via a TV advertisement the latest, greatest and fastest fibre broadband, only to discover your provider has laid the cables under the street, but there’s no plan just yet to get the service from the street to your house or office? It’s tantalizingly close, but not quite there.

In both scenarios, they forgot the “last kilometre/mile.”

Don’t let this be your reality when the European Union (EU) begins enforcing General Data Protection Regulation (GDPR) on 25 May 2018. Don’t forget your “last kilometre/mile.”

GDPR and its Extensive Reach

Designed to strengthen the data protection of EU’s citizens, GDPR has far-reaching implications. It doesn’t matter if your company has headquarters in the European Union or outside of it. GDPR protects EU citizens’ personal data no matter where in the world the data is collected, stored or processed. The enormity of the task will make you catch your breath; the fine (up to €20 million or 4 percent of global annual turnover, whichever is greatest) will make you choke on it.

To give an example under GDPR, UK Telco TalkTalk’s £400,000 fine (for security failings that allowed a cyber attacker to access customer data “with ease”) would actually be somewhere in the region of £59 million. In fact, if GDPR had been in place in 2017 we could speculate fines levied by the UK Information Commissioner’s Office would be nearer to £70 million rather than the £880,550 actually levied.

GDPR is a revolutionary step for a governing body and both a proactive and reactive step to combat cyberattacks and the increase in personal data theft.

Companies who collect customer data are now required to employ Data Protection Officers. And many companies are spending great sums on perimeter security, network security applications, data encryption, and increased use of SSL to secure data online in order to better protect the data of its customers.

But Is It Enough?

The last kilometre/mile is often the most vulnerable, and in this case, it’s the end user. End users are potentially the most important link in the security chain due to personal data stored on individual desktops and hard drives, as well as the security vulnerability that comes from using their own devices.

Consider the number of mobile workers in your company and how many access private or secure data on their PCs. Have you protected this chain? What about personal data stored on hard drives of company laptops when the machine reaches its end of life date? What do you do with those old machines? How do you manage that data if a laptop or system breaks and you send it back to the manufacturer for repair?

Dell has considered every link in the chain, including the last kilometre. Our services portfolio has been laser focused on data protection for decades. We use proactive and predictive support to keep your systems from breaking and on the off-chance that they do, we let you keep your hard drive and all your data, so it’s never released into the wild.

Dell has long been the endpoint industry innovator with our data security products. And even more importantly, with hard drive retention as part of Dell ProSupport Plus, customers have an extra element of control.

Summary

So, while you’re quite rightly spending time and money protecting network infrastructure and processes and procedures, make sure you pay attention to the areas of highest vulnerability – the last kilometre/miles – your end users, your EOL machines and your data stored at the endpoint.

Learn more at dell.com/ProSupportPlus.

Stéphane Reboud

About Stéphane Reboud


Vice President, Support and Deployment Services Sales, EMEA

Stéphane Reboud joined Dell in 2003 and in May 2015 was appointed Vice President of Support and Deployment Services Sales for the EMEA region, while retaining his role as Site Leader for Montpellier, France (1,000 staff). As EMEA lead, he is responsible for driving sales of Support and Deployment Services through all sales channels: direct, partner and distribution.

Among prior engagements within Dell, Stéphane held the positions of General Manager of France’s Consumer Small and Medium Business division, EMEA Sales Operations Director and Sales Director for Southern Europe Small Business.

Stéphane started his career as a Product Manager with General Cable, an alternative telecommunications operator. He then moved to the Netherlands to set up mobile operator Orange/France Telecom Mobile as Products & Services Director, before joining Vivendi Telecom Hungary as Chief Marketing Officer.

Stéphane holds both an Engineering degree from Telecom Sud Paris and a Masters degree from ESCP Europe. He was awarded a top 3 position in the category of ‘France Sales Director 2011’ from business magazine ‘Action Commerciale’. Stéphane is a Board member of FACE Hérault (Foundation Action against Exclusion) and Vice-President of the Montpellier Business School. He is also an active ambassador of Dell EMEA engagement within the community, leading initiatives towards entrepreneurship (Dell for Entrepreneurs) and diversity (MARC – Men Advocating Real Change).

Read More

Share this Story
Join the Conversation

Our Team becomes stronger with every person who adds to the conversation. So please join the conversation. Comment on our posts and share!

Leave a Reply

Your email address will not be published. Required fields are marked *

2 thoughts on “Don’t Forget the Crucial “Last Kilometre” When Planning for GDPR

  1. While I agree that physical security of data storage devices is of utmost importance and often overlooked, is keeping your hard drive the only way to protect data on old drives per GDPR?

    • Good question…indeed the onus with GDPR is on the data owner and as such the data owner needs to take proactive steps either to retain their hardware or to work with Dell to ensure sanitisation or destruction. We can help you retire excess hardware while meeting local regulatory guidelines, protecting sensitive data, and acting in an environmentally responsible way. We help protect sensitive data by removing tags and labels from equipment. We can also sanitise all devices received in alignment with NIST SP 800-88 standard, or in the case of non-functional devices, we physically destroy the drives to prevent data recovery.