Reasonable, common-sense security standards are becoming law in many regions of the world. In Europe, the General Data Protection Regulation (GDPR), enacted in April 2016, will become fully applicable on May 25, 2018. GDPR will bring the European Union (EU) under one comprehensive and harmonised legal system for data protection and privacy. The monetary penalties and reputational damage of noncompliance with GDPR are substantial – the maximum fines are the greater of 20 million euros or 4% of the company’s worldwide revenue.
A comprehensive and well-structured Enterprise Mobility Management (EMM) program will be an important part of an enterprise’s GDPR compliance initiative. This document provides a framework for enterprises to proactively assess their mobile privacy and security policies and enforcement models. This document does not provide legal guidance. Each enterprise must ensure that its EMM deployment maps appropriately to its internal legal and compliance frameworks.