With GDPR just around the corner, a multitude of vendors from all areas of the technology industry will look to capitalise on what many regard as a bountiful sales opportunity.
Despite the hullabaloo around the new compliance regulation, thinking of GDPR as something that can be easily solved with a new piece of backup and recovery software, or installing a new firewall, is a dangerous route to go down, according to those who have previously spoken to Channelnomics Europe.
"I don't see a push-button solution to GDPR in the market right now. Many vendors claim to have an all-purpose product but when you take a closer look, these are really offerings that address a single GDPR issue. That's not what compliance is about," said Mike Mittel, CEO of software vendor RapidFire Tools.
"Most vendors have point solutions. They talk about GDPR compliance from the standpoint of what their software delivers, such as backup and recovery or vulnerability scanning," he said.
Mittel says that his company has, however, developed a tool that acts like a "compliance administrator in a box" called Audit Guru. The appliance claims to attach to the network and assumes the role of automating the production of mandatory compliance reports and providing ongoing issue discovery to help MSPs provide compliance for their customers.
"Our product helps the MSP produce required GDPR documentation in a highly automated fashion with clear, compelling documents designed to stand up to scrutiny in the event of an audit," said Mittel.
He admitted that technology will get MSPs only so far, with the onus being on the MSP to actively fix the issues identified by the Audit Guru software.
"There's a big service component to GDPR. While Audit Guru detects and identifies GDPR-related problems, it is still up to the MSP to actually fix the issues. For instance, if there's a software patch that needs to be updated, it's up to the MSP to apply these. If passwords on certain computers are insecure, the MSP must resolve these too," he said.
"What we've done, which is unique, is to provide the foundation technology that allows an MSP to offer a viable and comprehensive GDPR service."
In the US, auditors have become much more rigorous in the wake of high-profile data breach cases affecting large organisations, according to Mittel. He said MSPs can expect the same level of scrutiny when GDPR comes into effect this May.
"We have seen auditors in the US become more aggressive over time, with corresponding increases in fines and penalties. Perhaps the same will happen with GDPR in the EU. But one thing is certain: ignorance is not the answer to compliance," he concluded.