Cloud providers unprepared for new EU data protection regulations



A new piece of research claims that cloud service providers are poorly prepared for incoming EU regulations.

In fact, according to the findings of Skyhigh Networks, which took a fine-tooth comb to its CloudRegistry of some 7,000 cloud services, only one per cent of vendors meet the stipulations of the EU General Data Protection Regulation which is expected to come into play in 2015 (replacing the Data Protection Directive adopted in 1995).

The new legislation lays down regulations on data residency, encryption and security, and deletion policies along with the now notorious "right to be forgotten" ruling that was applied to Google (and other search engines).

In terms of data residency, only eleven counties currently comply with EU privacy requirements, and the US isn't one of them – and the States is where two-thirds of all cloud providers have their HQ.

Data breach notification is another thorny area, with the new laws requiring companies to notify EU authorities inside 24 hours of a data breach – even if the breach happens due to a third-party cloud provider. However, if the organisation doesn't spot the breach – as is often the case, with many cloud providers putting the onus on the company to do so – then reporting it so quickly will obviously be tricky to say the least.

Skyhigh notes that some existing laws such as the UK General Data Protection Regulation can allow a company to get round such a tight time limit on notification if their data is encrypted, but only 1.2 per cent of cloud providers offer the tenant-managed encryption keys required to do this.

Charlie Howe, Skyhigh Networks EMEA director, commented: "It's staggering how few cloud providers are prepared for the new EU regulations but, fortunately, there's still time for providers to get into shape. This means addressing a number of complex issues now, such as the right to be forgotten, as well as implementing data protection policies that meet these new standards."

He added: "For cloud providers this will inevitably require additional resources and expenditures, but it's a snip given the proposed penalties for violating the new laws, which can be up to five percent of a company's annual revenue or up to €100 million [$134 million]."




More

Taping Your Webcam Is Not Enough To Keep The Spies Out

Don’t be paranoid about your safety, act smart and take precautions.

Review: LeEco Le 2, Upping The Ante

Despite its lacklustre free content, the Le 2 is a compelling option to buy at its price.

Top 5 Mobile Games for 2016

Mobile games are very much taking over every aspect of human life with people playing them at home, on the streets, in queues, in shops, at football matches, in the cinema, and even in the toilet. So many games are now being made available to play on mobile devices but which ones are the ones to watch out for in 2016? Crashlands Survival games seem to be a massive hit with players at the moment. This could perhaps be due to the success of television shows and movies such as The Walking Dead and The Martian but it is a genre that taps into the human instinct. A desire to survive in extreme...