'Tis the most wonderful time of the year... but no, for
those of you who assumed this post would be about Christmas preparations due to
the Andy Williams classic reference, I have to let you down.
Instead, it's the time of the year when many of us stay up
late into the night, racking our brains to establish the background for and
specifics of the budget proposal for next year!
Nothing wrong with that - financial planning tends to weed
out the 'nice-to-haves' from the mandatory initiatives and investments - and
that is in part what this post is about.
"Failing to plan is planning to fail" (Alan
Lakein) and 2017-2018 will see some major changes in the IT landscape for a lot
of companies and businesses.
What are the major upcoming events on the horizon important
to note already at this stage?
From a platform point of view, it's inevitable to highlight
Windows 10. If you and your organization aren't there already, it’s time
to seriously consider tackling this change and head off the potential
dangers (and costs) of having to handle it as a rush job towards the end of the
Windows lifecycle & support.
Another tangible driver for this update is workstation
lifecycle rollover vs next generation of Intel chipsets – with current
information to hand, there’s no support for the Intel processor generation Kaby
Lake and onwards on Windows 7 or Windows 8, so Windows 10 is a mandatory
component to obtain proper support and stable platform operations.
Looking ahead at 2018 from a business point of view, 2017 is
only one year away from GDPR (Reform of EU data protection rules), as the
directive is transposed into national legislation.
With experience from the investments required to handle the
introduction of SOX and SOX2, which for many businesses is an absolute must,
GDPR needs to be taken seriously. It will, for example, replace
PUL (Personuppgiftslagen) in Sweden, making it practically mandatory to comply
to stay in business.
The basics, on a high level, require:
- Easy access for each employee to review the data stored for the individual
- Reinforced requirements regarding approval to store personal information
- Facilities and functionality to permanently move information on individual level between organizations
- Facilities and functionality to permanently remove information on individual level
- Incidents such as breaches must be reported within 72 hours
Failure to comply or violations against the directive incur
penalties. The penalties include fines and imprisonment for up to two
years, in current legislation – and in the EU based version, the fines range up
to 20MEUR or 4% of the global turnover of the company. If in breach, no
board, CEO or CIO will be left standing after unsuccessfully avoiding such
crippling costs to the business.
NIS is yet another such EU-based directive where both the organizational processes and measures need to be aligned with IT and supported by adequate systems to comply. Again, breaches must be reported to the local authority, although the penalties involved are not on par with the GDPR scenario.
Due to the fast-moving, changing business landscape, the
heightened risk levels with business moving online vs cyber security concerns
and cross-border legislation – the age of regulation seems to be upon us, and
we’re bound to be affected by similar directives more often in the near
future. There isn’t a good way of avoiding it whilst still staying in
business, but there are a few short-cuts which make it a lot less costly and
straining to the organization. Know yourself (your business and your Customers),
the ins and outs of the processes, dependencies, deviations – keep your house
in order, and stay open to change. The smaller the scope to analyze as the
implied and mandatory delta (“only the add-on change”, rather than additional
unknowns in your business operations), the smoother the change will be.
So, what will you wish for in your budget-stocking this
year?
Merry Budget Everyone!
By Fredric Travaglia, Business Development Consultant @ Enfo