Much has been made of the impact the General Data Protection Regulation (GDPR) looks set to have upon businesses come May next year. And with good reason too. But could the advent of the GDPR be a further incentive for businesses to move to the cloud, thereby reducing the risk of data exposure and punitive fines?

In short, yes. By making the switch from on-premise systems to the cloud model or by moving a proportion of your business into the cloud, you can help to spread your IT workload and in turn lower your costs and exposure to risk in the process.

Affecting businesses large and small, the primary aim of the GDPR is to usher in a new, improved playing field when it comes to the data protection of EU citizens. Those handling personal data will need to adhere or face fines of up to four percent of their annual turnover or €20 million, depending on whichever is greater.

…many businesses will be running legacy IT applications and solutions which have been patched and added to over the years and will almost certainly leave data exposed under the new terms set out by the GDPR. Could you, for instance, identify a breach and notify the data protection authority within 72 hours of finding this?
Neill Lawson-Smith, Founder and Managing Director

Of course, many firms are already looking at a cloud-first route when it comes to their future IT strategy. But how do you know if this is something you should consider?

As it stands many businesses will be running legacy IT applications and solutions which have been patched and added to over the years and will almost certainly leave data exposed under the new terms set out by the GDPR. Could you, for instance, identify a breach and notify the data protection authority within 72 hours of finding this?

Cloud makes sense for other reasons too. It can turn IT into a strategic asset for SMEs and enterprises that don’t have in-house expertise and wish to free up their IT team from what has often been seen as ‘firefighting’ mode. Another major bonus of deploying specialist cloud solutions comes in the additional benefits offered when it comes to securing data and being able to manipulate this to business advantage.

By utilising an outsourced solutions provider for IT, contracts come with firm SLAs and guarantees such as 99.999% reliability – something most internal IT departments couldn’t even hope to get close to.

In addition, opting for a GDPR compliant cloud solutions provider that can deliver your solutions safely and on-tap will allow you to focus on your core business and could well save you unwanted attention from the regulator too.

But what sort of things should you be looking for? From the outset you should ask any cloud provider if they are already GDPR compliant, are aligning with the industry code on this, and whether they have measures in place to be complaint with this in advance of May 2018? Remember, any business wanting to act as your hosting provider or cloud host has a responsibility towards you too. As a processor of your data, have you checked your contracts as a controller bind the cloud hosting provider (who will be your data processor).

Consider private cloud solutions for instance. Whereabouts is your would-be provider storing your data and what measures are they taking to secure this? Is your data stored in a secure ISO 27001 military grade UK Data Centre or bunker that meets IL3 construction and security standards? And what residency guarantees do you have when it comes to your data?

There is certainly much for firms to consider when it comes to moving IT assets to the cloud and the qualification behind this must always be based upon strategic thinking that delivers business optimisation and measurable improvements to the bottom line. GDPR further complicates the issue for any company processing personal data and it may well be that your business also needs to appoint a Data Protection Officer if you are operating at the larger end of the scale.

If you’re in any way concerned that you don’t have complete visibility and control over the data you hold or who might be processing it or storing it, then you will certainly struggle to be compliant with the GDPR. Cloud, grounded by the principles discussed above, in conjunction with a full risk assessment by CIS will help get you there. Don’t delay, the clock is ticking.

Get in Touch

(Read Data Terms Policy)

Client Feedback

We are delighted to be working with CIS, the project is already looking well organised and innovative. CIS delivers a prompt professional service with trusted knowledge we can rely on at all times.

John Story, Head of IT

St Paul’s Cathedral

CIS have been our go-to IT supplier for nearly 20 years, and throughout that time they have been flexible, consultative, and above all putting our business at the forefront of their advice. I would be very pleased to recommend them for any company that needs to have a real partnership with their IT company.

Graham Hughes, Managing Director

Rovema UK Ltd


Keep Up To Date


CIS Overview



  • CIS Private Cloud
  • Infrastructure as a Service
  • Backup & Disaster Recovery
  • Remote Desktop Services


  • Anti-Virus & Ransomware
  • Extensive Encryption
  • Firewall & Next-Gen UTM
  • Penetration Testing
  • Digital Rights Management
  • Phishing
  • Mobile Device Management


  • Exchange Server Hosted & On Prem
  • Mail365
  • Unified Communications
  • Office 365
  • Mobile & VoIP Telephony
  • Internet Connectivity


  • Consultancy
  • Analysis & Audit Services
  • User Training & Enablement
  • Fully Managed Support


Since its inception in 1989 CIS’ philosophy has always been the same. We believe that in order for our team mates to provide the best possible service to our clients and to remain motivated and inspired themselves, we have to create a positive and stimulating working environment. One that encourages ambition, a continued exchange of ideas and dialogue, hard work, performance and loyalty. We have always rewarded our staff for going the extra mile and for embracing our company ethos but we also aim to make their working experience enjoyable and fun, working on the basis that humour can go a long way and fairness and respect are paramount.



Even though we say this ourselves, our portfolio is first class. We offer a range and quality of Cloud Services that can cater for all our customers’ business goals and aspirations. It’s our job to find the perfect solution for your requirements and you’ll benefit from the research and development carried out by our team to find the ideal system solutions for you.



Partners are vital to the ongoing success of our company so we nurture our award-winning network of like-minded organisations, building up mutual trust and respect in our working practices that can only benefit our customers.



It has always been of key importance to CIS to achieve high levels of productivity and to ensure that we remain s highly effective, lean and fast-moving organisation. It allows us to keep ahead of the game and to spot and act upon new products and trends whenever possible. By keeping on our toes, we can pass on benefits to our clients and partners without the need for time consuming learning curves.