GDPR is finally here and many are still struggling to get up to speed. Rigid regulations coupled with the threat of daunting fines seem to have overwhelmed businesses, even though they have had ample time to prepare. Mobility management providers have the task of creating and maintaining secure solutions in order to lower the risk of data loss. Mobile data that isn’t secure is a major red flag when it comes to GDPR.
The information that GDPR applies to is categorized as “personal data” and “sensitive personal data,” according to the Information Commissioner’s Office (ICO). The ICO states that personal data refers to “any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.” This includes, but is not limited to, names, identification numbers, and location data. Sensitive personal data includes genetic data and biometric data that could be used to identify an individual.
As much of mobile data is included in these two categories, specifically personal data, mobility management solution providers must be operating at peak performance to ensure that this data is not compromised. But how are these providers responding to GDPR now that it’s been enforced? We’ve compiled responses from the top three Enterprise Mobile Management (EMM) providers, MobileIron, BlackBerry, and IBM.
MobileIron has used the implementation of GDPR to remind users that EMM solutions are a way to create a cohesive GDPR-compliant security program. The vendor has created a Mobile GDPR checklist containing best practices for organizations that need to ensure that they are compliant. Amongst other recommendations, MobileIron advises that companies keep their apps and devices updated, containerize business data, establish transparent communications with employees, and regularly audit and monitor compliance.
BlackBerry has responded by ensuring its users that they are compliant with GDPR. In a recent blog post, Data Protection Officer (DPO) of the company, David Blonder states, “we have kept good records and documentation of our compliance efforts, and we have updated our internal policies and processes to ensure privacy is embedded in our thinking; from how we develop our products to how we engage with our customers.”
The company also emphasized the fact that GDPR compliance needs to be maintained. In Blonder’s words, “GDPR compliance today does not equate to GDPR compliance forever.”
IBM has created a comprehensive page dedicated to GDPR. This page offers a GDPR readiness assessment in addition to a general GDPR overview and a number of resources containing more information on the subject. The vendor also lays out the services it can provide in the process of becoming compliant, which include security, analytics, cloud, and data storage.
IBM made a statement about its commitment to GDPR readiness, which read, “as part of IBM’s ongoing commitment to privacy by design, IBM has embedded data protection principles even more deeply into its business processes, products, and services so that our clients can better meet their own data protection objectives.”
Latest posts by Tess Hanna (see all)
- Essential Elements of Mobile Security - June 22, 2018
- 3 Key Tips to Optimize Your UEM Solution - June 21, 2018
- UEM or EMM: What’s Better for Endpoint Management? - June 20, 2018