The General Data Protection Regulation (GDPR) requires that all user data is protected as much as possible, leaving any potential risk of breaches a real legacy issue for those still running Microsoft Windows Server 2008.

GDPR was adopted by the European parliament in early 2016 and the deadline for compliance was 25 May 2018. South Africa’s data protection law, the Protection of Personal Information Act (Popia) was enacted in 2013 but has yet to commence. However, businesses would be remiss in not ensuring they meet compliance requirements.

The Popia commencement date is estimated to be set for the first half of 2019. The GDPR deadline for compliance was 25 May 2018. The Popia deadline is expected to be set at some point in 2020. Clearly, if you have to comply with both the GDPR and Popia, you either need to do the GDPR first or do both the GDPR and Popia at the same time.

According to Pinnacle, companies failing to upgrade from Microsoft Windows 2008 will be at serious risk of non-compliance.

Pinnacle spokeswoman Michelle Losco — digital director at Publishared — says businesses need to understand the risks attached to not upgrading. “Servers still running Windows Server 2008/R2 after the end of support run the risk of being completely unsupported and unprotected as Microsoft will no longer provide security fixes after January 2020.

“Data will be at risk. This means no more security updates, which in turn translates into new vulnerabilities which will not be fixed. But compliance will remain the biggest issue. Non-compliance is not an option in terms of GDPR, which requires businesses to take appropriate steps to prevent data breaches. This includes taking a modern approach to security and personal information,” she says.

Unlawful retention, distribution, sharing or unauthorised use of personal information may result in non-compliance with Popia, which will carry onerous penalties of up to R10-million in fines, and could even result in jail sentences (in some instances of up to 10 years, depending on the seriousness of the breach.

Losco emphasises that GDPR and Popia direct that data governance is no longer just a good idea or something that will add value to businesses, but is legal requirement for most if not all businesses. “So, not upgrading from Windows 2008 is really not an option. It should also be noted that at the speed that compliance regulations are expected to be rolled out in 2018; procrastinating on timing is also not an option. It is essential to upgrade now,” she concludes.

To upgrade now, contact:

Helen Vermij — Pinnacle Microsoft brand manger via e-mail: [email protected]
Ricky Pereira — Pinnacle DellEMC brand manager via e-mail: [email protected]
Jeremy Lichtenstein — Pinnacle HPE brand manger via e-mail: [email protected]

About Pinnacle
Pinnacle is South Africa’s leading ICT distribution company built on the foundation of entrepreneurial spirit. We offer our clients a broad range of world-class technology products seamlessly delivered across an expansive footprint. Everything we do is underpinned by our technical expertise, drive and determination — we call it delivering the exceptional.

Pinnacle is an authorised and exclusive distributor for many leading vendors, allowing us to be the first to market the latest technology and ideas available.

For more information visit: www.pinnacle.co.za