Much like the fable of the Emperor's New Clothes, there is much talk of the GDPR but little with any real substance. You have no doubt been told of the potential fines and heard of the right to be forgotten but how does the GDPR actually affect the IT security channel operationally? Rather than walking into 2018 wearing nothing, like the ill-fated Emperor in the tale. We interviewed Infinigate UK Sales Manager, Mike Tye, for his opinion on the operational challenges which he expects value-added resellers to witness as a result of the GDPR.
1. A Significant Decline in Outbound Cold Calls
No GDPR conversation is complete without mentioning the PECR (Privacy and Electronic Communication Regulation 2003). While most value-added resellers have been obeying the PECR for over 15 years, the GDPR challenges how they collected the personal data they use for cold calling and whether it is considered lawful to process. While the PECR supports an opt-out model through the TPS (Telephone Preference Service) and CTPS (Corporate TPS), the GDPR does not. Value-added resellers will need to demonstrate legitimate interests to process personal data or seek consent from data subjects. This could represent a significant challenge to organisations who have paid little attention to the outgoing DPA (Data Protection Act 1998) or how they have acquired personal data in the past.
2. A More Hostile Customer Attitude
The GDPR empowers data subjects with significant rights under the GDPR. While these rights are correct and important for the privacy of us all, data subjects are more likely to challenge data controllers. Already on social media platforms, such as LinkedIn, there are conversations relating to the right of access being used as a form of revenge, or threats of being reported to the supervisory authority for trivial matters such as a spam email. Data subject rights should in no way be eroded because of misuse or misunderstanding, however value-added resellers should ensure they are suitably educated on the GDPR to respond appropriately in cases where they do not believe they are in breach of the regulation.
3. A More tactical and mindful approach
Certainly, in the short-term, while value-added resellers evaluate their contact databases and how they ensure their personal data processing is lawful, sales teams will need to become more tactile in the way that they communicate with new prospects. The use of social media platforms or databases containing data subjects who have previously interacted with the business (for lawful and justifiable processing) will become more valuable than ever. Again, post-May 2018 people will be looking for examples of non-compliance making 2018, the year of the egg-shells.
4. An Increase in Lead Quality
With bad practices out of the window, leads might be in shorter supply but will be of a better quality. The use of inbound marketing tactics will mean that leads will have been nurtured prior to sales engagement, increasing the conversation rate. One of the more positive aspects of the GDPR in the IT security channel is that it will force value-added resellers to become leaner and more efficient in their operations. With estimates of up to 90% of the buyer journey now being completed without interaction with a sales team, the channel will have to come to accept that outbound marketing is inefficient by nature.
5. A Reliance upon Inbound Channels for Pipeline
To expand on the previous point, outbound marketing is not impossible but will need to become more refined to survive. In recent years, even without the GDPR, the IT security channel has been switching toward more inbound marketing techniques. The automation capabilities of inbound marketing technology not only save on time and money but also allow for a nurturing process, which eliminates those who are not buyers and promotes those who are. Crucially, when embarking on inbound marketing programmes, the old analogy applies, content is king. In 2018, value-added resellers will be bolstering their marketing and content writing capabilities, in exchange for traditional telemarketers to attract attention to their brand and portfolios.
Traditional value-added resellers view the GDPR with a level of suspicion for being "bad for business". However, Mike Tye believes through his experience in the IT security channel that the GDPR represents an opportunity for the channel as it’ll provide a platform to showcase thought leadership. Ultimately, we will see a shift from time spent wasted on cold, dead-end leads to nurturing warm prospects who are more likely to result in revenue.