A recent study showed that over 60 percent of corporate data is stored on employee endpoints. And yet, as companies work to ensure compliance with the new General Data Protection Regulation (GDPR), they still may be overlooking a few key areas. 

The GDPR globally impacts the processing of all personal data on EU residents and takes effect on May 25, 2018.

The challenge is personal data doesn’t just live in your customer relationship management (CRM) system, it also exists in a more unstructured way on your company’s endpoints.

To protect company assets and meet GDPR compliance standards, organisations need to have a firm understanding of where personal data resides, including where it is created, used and stored.
Failure to secure user endpoints could mean major fines as well as damage to customer relationships and brand reputation.

To secure potentially vulnerable endpoints, companies need to conduct a detailed impact assessment of their data systems. An important initial step in this assessment is defining what constitutes personal data.

Because the definition can vary based on context and from country to country, your company should work with its legal counsel to gain clarity.

Source: Cyber Security Intelligence