Forbes CommunityVoice Connecting expert communities to the Forbes audience.What is This?

Forbes allows professional fee-based membership groups ("communities") to connect directly with the Forbes audience by enabling them to create content – and participate in the conversation – on the Forbes digital publishing platform. Each topic-based is produced and managed by the group.

Opinions expressed within Forbes are those of the participating individuals.

Five Benefits GDPR Compliance Will Bring To Your Business

Post written by

Michael Fimin

CEO and co-founder of Netwrix, helping customers to mitigate security risks in hybrid IT environments.

Most of the media coverage of the EU's General Data Protection Regulation (GDPR) has been focused on the ridiculous multimillion-dollar fines businesses can face if they fail to protect customers’ data. Vendors and suppliers play up the same card to boost sales for their products and services. Of course, the price of noncompliance with the GDPR is not something one can afford to shrug off.


However, the problem with concentrating on the punitive side of the GDPR is neglecting new business opportunities. The real driver for adopting new compliance principles should be to make your business more efficient, secure and competitive. Let us take a look at some of the carrots that many may leave out while scaremongering about GDPR sticks.

Benefit One: Enhance Your Cybersecurity

There is no company in the world that can afford to take the risk of cybersecurity ignorance, given the costs of data breaches and business downtime caused by theft or loss of critical data. It does make sense to take data privacy seriously and the GDPR can help you establish a security-conscious workflow.

The legislation requires organizations to identify their security strategy and adopt adequate administrative and technical measures to protect EU citizens’ personal data. It is close to impossible to ensure the integrity and security of specific types of data that travel across the network and leave the rest of the IT environment out of scope. In fact, the regulation encourages you to reevaluate and improve your overall cybersecurity strategy: You will have to establish thorough control over the entire IT infrastructure, build healthier data protection workflows and streamline security monitoring. These activities will help your organization reduce the attack surface, better understand what is going on across your network and decrease the likelihood of having to pay what some organizations think of as a "cyber tax," caused by rising attack numbers and system outbreaks.

Benefit Two: Improve Data Management

To be compliant, you should know precisely what sensitive information you hold on people. Obviously, the first thing you want to do for your GDPR compliance is to audit all the data you have. This will enable you to minimize the data you collect and hold, better organize storages and refine data management processes.

First, you will be able to detect and get rid of redundant, obsolete and trivial (ROT) files that your organization retains, though they don't have business value. By cleaning up the data, you will slash costs on storing and processing this data and probably erase sensitive ROT data, such as former customers’ personal information. Such data poses a high and unjustified risk to your organization, so why take responsibility for something that has no value to you.

Second, after you analyze all data you have, you can implement mechanisms for fulfilling another GDPR requirement -- making data globally searchable and indexed. This will help you more easily handle subjects’ requests to delete the data if they exercise their right to be forgotten. On the other hand, this requirement will encourage you to reorganize data storages so your staff will be more productive and efficient while working with accurate, easily searchable and accessible data.

Benefit Three: Increase Marketing Return On Investment (ROI)

One of the key principles of the GDPR is that the organization should implement an opt-in policy and have a data subject’s consent to process their personal data. Combined with purging irrelevant ROT information stalling your marketing, such as lost leads or unengaged addresses, you will receive a lean fine-tuned database of highly relevant leads and customers that genuinely want to hear from you.

With this information at hand, you will be able to experiment with niche marketing by tailoring your message to the specific needs and habits of a clearly defined audience that has more interest in your brand. Such a granular marketing approach will result in higher click-through, conversion rates and social sharing, and increase your marketing ROI as budgets and efforts will be spent wisely.

Benefit Four: Boost Audience Loyalty And Trust

GDPR compliance can support your business in helping you build more trusting relationships with your customers and the public generally. When gathering consents to use data subjects’ data, you will have to explain clearly and concisely how you will be using their personal information. Since consumers are becoming more and more suspicious about how their data is handled, the transparency and responsibility you demonstrate will encourage trust in your brand. Thus, you can use the GDPR to underline that you do care about the privacy of your current and prospective customers and stand head and shoulders above your competitors.

Benefit Five: Become The First To Establish A New Business Culture

There is nothing new about businesses being animal-friendly, eco-friendly, LGBT-friendly, though 10-15 years ago it seemed impossible. Why not become human privacy-friendly? Organizations should think of their brand as a decent human being that doesn't just consume to sustain itself and grow but also contributes to the community.

The GDPR is a promising first step toward a new business culture that can become a norm just like separating food waste and plastic or recycling old bulbs -- respect and secure the data of all people who entrust their sensitive information to you. By adhering to the GDPR, you will cultivate the values of data security in your employees and nurture social responsibility in business. This way, you will be among the first to introduce a new mindset of respecting customer data privacy.

While no one denies that complying with the GDPR is hard, a wise leader takes this challenge as something more important than just doing the bare minimum to comply. It is time to look forward to the benefits the legislation will bring. They are the benefits that may give your organization the competitive differentiation it needs to succeed and be among the first to implement a new business culture that cherishes human privacy. The GDPR is your opportunity to excel.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?

CEO and co-founder of Netwrix, helping customers to mitigate security risks in hybrid IT environments.