About 76 percent of cloud services don't conform to EU data protection directives
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!Tweet Share on Twitter.
October 21, 2014
According to new research, about 76 percent of all cloud services don't conform to the current EU data protection directive. This new revelation doesn't surprise a few observers in the internet security community.
Enterprise cloud services firm Skyhigh Networks discovered that the majority of the cloud services used by European organizations do not meet the minimum requirements of the current privacy regulations, with data being sent to countries without adequate levels of data protection.
The transfer of personally identifiable information outside Europe simply meant that many services were operating at odds with the EU Data Protection Directive.
Worse, IT attorney at law Dai Davis, a solicitor at Percy Crow Davis & Co, said that Skyhigh's estimate is possibly on the conservative side.
"If anything, 76 percent is an underestimate," Davis said. "If you include social media used by European organizations, the number would go up closer to 100 percent. As to what to do about it, the short answer is use a German or Swiss-based company, those being the countries that take data protection most seriously."
To be sure, EU Data Protection Regulations are yet to be approved by EU member states in the Council, so they haven't come into force as of now, as our Brussels correspondent recently noted.
Skyhigh said that with stricter policies and harsher penalties set to come into force before the year is over, organizations have just a short window of opportunity to address privacy compliance issues.
This is a particular challenge since many European organizations are already struggling to enforce existing acceptable usage policies.
For example, workers often find their way around blocks set up by corporate system admins to access supposedly blocked services.
Dropbox, Instagram, Tumblr and Apple iCloud in particular are widely used within businesses despite been nominally blocked by IT teams.
Skyhigh's latest quarterly European Cloud Adoption and Risk Report, which is based on an analysis of real-life usage data from more than one million users in organizations from many industry sectors, revealed that just fifteen services sucked up about 80 percent of cloud data.
Overall, Microsoft Office 365, closely followed by Salesforce are the biggest bandwidth consumer apps in that category.
Skyhigh's report showed a slower uptake of enterprise cloud services in Europe, with more than 50 percent of data being uploaded to consumer services.
During the same period, the number of cloud services in utilization by the average company in Europe increased by about 23 percent, rising from 588 in Q2 to 724 in Q3.
And many of those cloud services aren't enterprise-ready. Only 9.5 percent of all services met the most stringent security requirements including strong passwords and data encryption, in a survey put together by Skyhigh in co-operation with industry group the Cloud Security Alliance.
Skyhigh Networks' technology allows organizations to monitor employee cloud utilization and lock down or banned apps, so it obviously has a vested interest in talking up the risk from a class of threat that its software is designed to manage.
That's not to say that the company is wrong in warning about insecure cloud app usage in enterprises, which it's all too easy to believe that it may be running out of control in several cases.
"The regulations are now well over a year behind schedule," Davis explained. "Whether the present proposals will finally be approved still remains to be seen at this time."
He added-- "Among other objections, my understanding is that the United Kingdom and Ireland don’t want a new regulation, only a weaker directive. Whatever happens, the new law will be at least another 2 1/2 years before it comes into force and if it does, because a two-year transition and implementation period has been promised."
Source: Skyhigh Networks Inc.
Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!