Security as a Service providers should sniff opportunity in a post-GDPR Europe

The long wait for GDPR is now over, but the ongoing job of ensuring compliance is only just beginning. 

13 June 2018

The long wait for GDPR is now over, but the ongoing job of ensuring compliance is only just beginning. The biggest change to European data protection rules in decades came into effect on May 25, 2018, affecting any and all organisations doing business in the EU. But we still have only the faintest idea of what happens next.

Will data protection authorities (DPAs) show their teeth and impose the large penalties enabled by the rules and belaboured by every article on the subject for the past year? How will the relevant authorities interpret grey areas? These first few months will be absolutely key in establishing how GDPR will actually work in practice.

The perfect SECaaS landscape

What's clear is that GDPR has been, and continues to be, a wake-up call for security. A key aspect of GDPR readiness is nailing down security defences to protect against data loss or attackers.

The regulation mandates that companies must implement appropriate technical and organisational security measures to prevent any personal data that they hold being accidentally or deliberately compromised, like in a breach. As such, organisations operating in the EU are doubling down on defences, getting their information management houses in order, busting data silos, training staff and refreshing security tools and processes.

With GDPR laws now being officially enforceable, the advent of a massive fine could lead to a second wave of activity, with businesses double checking that everything they've worked to put in place is up to scratch. As many companies will only have finalised preparations just in time for the deadline, it will be a process of trial and error making sure that new security measures run smoothly.

This means rich picking for Security as a Service (SECaaS) firms willing to commit resources to Europe, as the continent leads the way globally in data protection legislation. GDPR does not exist in isolation and compliances is not ensured just by ticking some boxes. The ePrivacy Regulation - the next EU law that comapnies will need to answer to and which complements GDPR regarding electronic communications data such as cookies - is set to follow; this scenario makes entering the European market more important than ever for SECaaS startups.

Organisations will need to start thinking of employing compliance as a service and building in defences, with secure processes capable of withstanding anything regulators throw at them. All of this combined creates an opportunity for companies able to offer this service.

Colocation can make the difference

For SECaaS providers, data center operations are central to their entire offering, and thus choosing the correct colocation partner can mean the difference between successes and failure. When you depend on constant scanning for therats, low-latency connections and secure hosting will help serve customers with a slick experience - so having a partner with the compute capacity, bandwidth and interconnectivity to deal with anticipated growth and geographic reach is crucial.

As the above makes clear, Europe is not without its complexities, from data protection laws to the many different languages. Therefore, it's also important for SECaaS companies to choose a partner that can help them navigate the challenges of understanding local taxation, language, culture, pricing, energy supply and more. As the expert in European colocation and with 20 years of experience, Interxion can help you gain the home advantage. Visit our SECaaS gateway to Europe page to read more about how our data centers can be a strategic asset for SECaaS companies seeking to expand in Europe.