Most Cloud Services Still Not Compliant with GDPR Requirements – Report

A majority of the enterprises have still not adjusted their cloud services to meet GDPR requirements. The General Data Protection Regulation deadline is only a few months away. By May 2017 every organisation must be compliant.
A report from Netskope stated that almost 75% of all cloud services from EU enterprises affected by the new law lack the key components to be GDPR ready.

The study researched components such as the location of data storage, encryption levels, and the data processing agreement policies that enterprises had in order to achieve a relevant rating. The study found that those enterprises, on average, have slightly over 1,000 cloud services deployed. Of this total, only 24.6% had a high rating based on the GDPR components researched on.

Sanjay Beri,  CEO and founder of Netskope, stated that cloud adoption is impossible to avoid and increases the value of all types of businesses in the world. Beri added that the adoption of cloud brings about great challenges based on security. GDPR regulations pose as one of the more complex ones continues Beri.

Beri stated that visibility and real-time management of an enterprise’s cloud usage and activities consistently over all the servers is paramount in understanding the means of use and customer data and the protection systems, hence complying with GDPR.

The research also examined the threats that puts data at risk. The report from the researchers determined that backdoors were the highest threat within the sector. Backdoors accounted for 27.4 percent. Ransomware came next on the threat list with 8.9 percent. Adware and Javascript accounted for 8.6 percent and 7.2 percent consequently.

The other threat identified were Mac malware, Microsoft Office macros and PDF exploits.