Cloud providers unprepared for new EU data protection regulations



A new piece of research claims that cloud service providers are poorly prepared for incoming EU regulations.

In fact, according to the findings of Skyhigh Networks, which took a fine-tooth comb to its CloudRegistry of some 7,000 cloud services, only one per cent of vendors meet the stipulations of the EU General Data Protection Regulation which is expected to come into play in 2015 (replacing the Data Protection Directive adopted in 1995).

The new legislation lays down regulations on data residency, encryption and security, and deletion policies along with the now notorious "right to be forgotten" ruling that was applied to Google (and other search engines).

In terms of data residency, only eleven counties currently comply with EU privacy requirements, and the US isn't one of them – and the States is where two-thirds of all cloud providers have their HQ.

Data breach notification is another thorny area, with the new laws requiring companies to notify EU authorities inside 24 hours of a data breach – even if the breach happens due to a third-party cloud provider. However, if the organisation doesn't spot the breach – as is often the case, with many cloud providers putting the onus on the company to do so – then reporting it so quickly will obviously be tricky to say the least.

Skyhigh notes that some existing laws such as the UK General Data Protection Regulation can allow a company to get round such a tight time limit on notification if their data is encrypted, but only 1.2 per cent of cloud providers offer the tenant-managed encryption keys required to do this.

Charlie Howe, Skyhigh Networks EMEA director, commented: "It's staggering how few cloud providers are prepared for the new EU regulations but, fortunately, there's still time for providers to get into shape. This means addressing a number of complex issues now, such as the right to be forgotten, as well as implementing data protection policies that meet these new standards."

He added: "For cloud providers this will inevitably require additional resources and expenditures, but it's a snip given the proposed penalties for violating the new laws, which can be up to five percent of a company's annual revenue or up to €100 million [$134 million]."




More

Microsoft Moves To Replace TV With Hololens: From The Super Bowl To Quidditch

If you didn’t turn in early to the Super Bowl you likely missed one of the most fascinating ads . This ad was a showcase of how Microsoft’s Hololens , which is in developer preview, could be used to transform TV watching. Unlike Google Glass which shines an image into your eye and provides a semi-transparent overlay Hololens is designed to fully alter what you see and hear so that you could put yourself in the position of quarterback, receiver, line, center, referee, or in the best seats in the stadium which could dynamically change based on the action. In fact the only thing you’ll miss is...

Able2Extract, a PDF wizard everyone needs

I am sure most of us have encountered the situation where you receive a PDF, but there is a typo, a wrong reference, something is missing or the data is wrong. And if you have ever tried to edit a PDF, you know what a pain it can be.

AMD And The Forgotten Benefits Of The Desktop PC

One of the interesting things I’ve been observing with regard to the near forced march to mobile devices is the increased need for a desktop computer where you can just sit and get work done. With all of the background sync capability in the various platforms provided by Amazon, Apple, Microsoft and others the old annoying problems of keeping you files in sync across multiple devices is pretty much over. You can pretty easily start creation on one device today and finish it on another. Gaming, although clearly increasingly focused on mobile devices, still favors desktop computers for the most...