This from Avi Troub, VP International Sales & Channel, Priority Software…
Getting company and customer data in order can seem like a daunting task, especially for those leaving it to the last minute. Up until last May, data protection laws hadn’t changed much since the 90s, which is surprising, given how much has changed, especially our digital identities. From social media, to mailing lists, to the Internet of Things, many of us are leaving trails of our digital identity, far and wide.
If you find yourself responsible for make the best technology choices for your organisation, then GDPR cannot and should not be overlooked. In fact, GDPR compliance must be at the very top of your wish list. Enter Enterprise Resource Planning. ERP, in a nutshell, is technology that helps companies manage and analyze their activities, from finances and project management, CRM to supply chain management, to HR… and everything in between, including data protection.
ERP can centralise your data securely
GDPR is all about data, and companies are having to deal with a lot of it. From word documents and excel sheets, to emails and CRM systems, many businesses are storing data just about everywhere possible. So keeping track of it can be a time-consuming, complex process, while also leaving your company prone to data breaches, as different systems will have different levels of security. An Excel document containing confidential employee data, for example, can be shared easily, and might only be protected with a password that could be accessed by several employees.
On the other hand, a CRM system may have stronger security protocols and tighter user access controls. Having multiple systems for storing data also makes it harder to locate the cause of a breach. This, in turn, prevents companies from notifying relevant authorities within the required timeframe. Because modern ERP systems are an ‘umbrella’ solution that can centralise data, it’s easier to manage data security and access permissions. After all, with ERP, there’s only one door to get through.
ERP systems are more secure
Not only does centralising data keep it more secure, but ERP systems allow for combinations of role-based security, data-based security and more. In other words, no employee will be able to access anything they’re not meant to. It’s easy to define and implement role-based security measures in an ERP system that includes securing and encrypting passwords. Your ERP system also goes that extra mile and can also manage the security of third-party vendors and suppliers.
And what about cloud ERP? For one thing, cloud ERP is generally more secure than on-premise. Leading analyst, Gartner, says that “multi-tenant services are not only highly resistant to attack, but are also a more secure starting point than most traditional in-house implementations”.
Security today is a comprehensive, end-to-end mindset that has to be built across every layer of the ERP environment, from actual network interface cards to user passwords. As a result, cloud ERP is more secure. The more secure the data you collect is, the less likely you’re prone to a breach, increasing your chances of staying compliant with GDPR.
ERP, consent and the right to be forgotten
GDPR clearly states that businesses are required to obtain consent from individuals if they want to contact them for sales and marketing purposes. Because ERP systems centralise data, companies will be able to easily locate the trail of communication if they need evidence that a prospect or customer consented to being contacted to promote products or services.
As part of GDPR’s ruling that people have the “right to be forgotten,” companies are now required to delete customer data. ERP systems make it easier to do this as all the data is in one place. If companies had to hunt through documents, spreadsheets and different systems across multiple departments to delete customer records, more likely they’ll miss something and be in violation of the regulations.
GDPR should be a welcome regulation for companies, allowing them to get their proverbial ‘house in order’. Companies should use this opportunity to ensure they’ve got the right technology in place to store their data, manage it, and above all, secure it. ERP is not only a perfect contender, it’s a perfect fit to ensuring GDPR compliance.