The Channel’s Chicken & Egg of GDPR

Ian Moyse, FAST & Cloud Industry Forum Board Member : Follow at www.ianmoyse.co.uk and www.ianmoyse.cloud 

18 years on and the industry sequel to Year 2K is upon us, except this one is real and a business issue, not a technical one!

GDPR (General Data Protection Regulation) the new European (and UK) data law is something mostly overlooked or ignored at the moment, with less than 15 months until it is enforced in its full. By May 25th 2018 all 5.5M Private sector businesses and all Public sector bodies in the UK will need to be compliant with the new GDPR law.

The opportunity for the channel (Resellers, Distributors and Vendors) is huge as customers need guidance, training, consultancy and a range of products opportunities presents itself to enable an end user business to become GDPR compliant. Many vendors have already started putting messaging out through their channels in campaign style in order to try to drive more sales.

HOWEVER, much of this messaging has already proven itself to be less than clear and is falling on mostly deaf ears. Unless the customer already understands the need and has a good foundation knowledge of the GDPR, the messages will not resonate! Messaging that is being pushed from multiple sources (lawyers, vendors, consultants) whilst factual, is quite bland, generic, only presents the headline facts and lacks the colour needed to both interest and truly provide explanation.  Customers need to hear information presented in a way that hits home; not only what the law represents, but the clear realities of its impact on different departments (such as marketing) and what action to take about it.

When buying a car, few want to hear the bland, non descript and generic outline of; it has 4 wheels, a steering wheel, wing mirrors, etc as they already get this and the message would be the same from all directions. Also very few want the detailed technical intricacies of how the carburetor works. Understand my needs and explain the product to me in what solves my issues and makes my life easier and I listen. Customer centric solution selling right!, understand the needs, develop them, question them and show how your offering removes the pain and gives them gain.

In GDPR the same needs to apply. The customer is getting the same bland facts from everyone, what the fines can be (Maximums will be €20m or 4% of last year’s global turnover, whichever is the greater – but you’d have heard this already, sort of everywhere !), when it comes into play, and what the top 12 steps the ICO (Information Commissioners Office) is recommending regurgitated! What they need to hear is how it affects the business they are in, do ‘they’ need a DPO (Data Protection Officer), what do they need to do, what don’t they know that they should – in short the colour relative to them.

GDPR messaging is typically targeted at the IT staff, the Security bods and the lawyers and is missing a wide range of those that need to understands its implications (ie the leaders across the business). Directors have organisational liabilities, HR to ensure staff policies are in place and adhered to, marketing deals with a lot of personal data important to the businesses growth, Sales has a CRM containing critical business information, Finance has obligations around the data it holds (both securing and compliance) and all employees have a greater obligation to protect data than ever before (or the company may pay dearly).

Having been involved in running these GDPR Foundation courses, I have watched as audience members keen to find out, go through the phases of, ‘I didn’t realise’, ‘But that means that….’, ‘Crikey I’ll need to….’, through to ‘How do we do that?’, ‘What tools would help us do ….’, ‘who can help us with?’. Archiving, Data Destruction, Security Tools, Audit Tools, Policy Tools, etc all fall into the areas customers begin asking questions of.

So in short whilst the channel wants to sell more product it won’t happen until the customer understands the problems GDPR represents to them 1st leading to a tipping point where customers begin looking and asking for solutions that they now know they need and need soon! Right now businesses ‘don’t know what they don’t know about GDPR’ and until this gap is filled pushing product at them is going to just be noise in an area that will get even noisier as GDPR hits the headlines multiple times each day!

If you wish to know more and find out what sort of training options are available and costs click here