Spreadsheets: A data minefield?

More often than not, businesses rely on spreadsheets to store their valuable data. But without a robust process to constantly survey that data, businesses run the risk of leaving themselves wide open to breaches and potential misconduct when it comes to looming GDPR requirements.

Here are some of the issues businesses are faced with when using spreadsheets, and explores how organisations can best protect themselves from avoidable mistakes.

The GDPR bunker 

With the compliance deadline set to come into place in May 2018, GDPR – especially when it comes to spreadsheets – can turn into a big challenge for businesses. It can take some organisations weeks, even months, to get feedback on a single data enquiry, and this just isn’t quick enough. Many companies can store all the data required, but filtering it out for specific information across an entire organisation is problematic to say the least.

The timing problem is the biggest issue here. With the GDPR deadline looming closer than ever, it’s not just those working in the recruitment and finance departments that must provide personally identifiable information on demand or face the consequences; businesses and personnel across the board must comply. How then can they deliver information within the new time constraints for customers efficiently?

A single view

For businesses, a single view of their data is now a necessity, not a nicety. This has to be a functioning one though. Not a theoretical one. It has to be a comprehensive and efficient system that is an accurate and trusted source of information. It must access and interrogate all sources of data and that includes spreadsheets.

The way  spreadsheets are used across various shared and external networks leaves them open to the potential threat of data breaches. From poor version control to human error, there are many ways in which data within spreadsheets can be a ticking time-bomb, out of sight and out of mind.

Fortunately, the technology is now available to hold and query all the data an organisation has at a price-point that makes it feasible to do. With an operational single view system that automatically copies and holds all data, organisations can easily monitor the data held in both spreadsheets and all other systems to ensure GDPR compliance, with the added benefits of becoming data led and Digital Transformation enabled at the same time.

Businesses are not going to stop using spreadsheets anytime soon. They are, after all, an accustomed and useful business tool. But with the GDPR compliance deadline just a matter of months away now, spreadsheets have the potential to be an uncontrollable source of multiple breaches to the regulations. Businesses need to immediately implement a robust system to constantly survey what data is actually in them (and all their other systems). The consequences of not doing so are all too plain.


By Peter Ruffley, Chairman at Zizo,

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/