Salesforce.com to customers: 'Migrate now to be GDPR compliant'
Friday 8th December 2017
Last week, one of our customers opened his inbox to find an email from Salesforce.com. Its message was stark. SalesforceIQ CRM—a product his company had used in the past—was not and would not be made GDPR-compliant. To stay safe, he had to migrate its data to Sales Cloud or another product by the time the GDPR comes into force on May 25, 2018.
Our customer was lucky. Salesforce.com did the right thing and now he has time to do whatever is necessary to make sure his company isn't at risk. But what about the other 15,000 software-as-a-service companies with B2B offerings?
Your fate is in your users' hands
With so many SaaS services available, many little more than start-ups and more still based outside the EU, it's impossible to feel confident that every service your company uses will be so diligent. Some simply may not have the resources to audit their services for GDPR compliance, or even be aware that they need to.
And even if they do do everything right — conduct a thorough audit and warn customers of potential risk—who will they notify? In most companies, users sign up for cloud services without telling IT or the compliance team. In that case, you won't be the one who gets the email about GDPR risks; it will be your users, who may not even bother to read it.
After 25 May, your contracts with third-party data processors must be GDPR compliant. If they're not, you may be legally liable. The fine for non-compliance is €20 million or 4% of annual global turnover, whichever is bigger. That's a lot of money to pay out because someone in sales didn't read the emails from the SaaS service he signed up for.
You can't fix problems you can't see
If someone signed up for a SaaS service without your knowledge, how are you supposed to even know about that service, much less audit it for GDPR compliance. You need a cloud-discovery service. The right service is quick to set up, easy to use, and non-intrusive. It should scan your network, analyse the traffic, and tell you which SaaS services are in use on your network and who is using them.
Ampliphae does all of these things. And we maintain a global database of SaaS applications which tells you at a glance the risks associated with each SaaS service, including where and how the data is stored and any other relevant information. Our technology also gives you regular updates, so you can see in close to real-time which services users are signing up for and how fast adoption is spreading across the company. Ampliphae also gives you the tools you need to efficiently and smoothly migrate users and data from non-compliant services to approved ones.
Protect your company, today. Find out how you can deploy Ampliphae on your network.
Nigel Oakley, Business Development Director, Ampliphae Ltd
Mobile +44 (0) 7791 405 539