VPN Articles and News

Study Shows More Than 70% Of Cloud Services Violate EU Data Protection

Wednesday, January 21st, 2015

Think that migrating to the cloud is the way forward for your enterprise? Think again! As per a new study, as many as 72 percent of cloud service providers flout European Union’s proposed data protection rules. The study was conducted by Skyhigh Networks which is a Cupertino based firm specializing in delivering cloud security tools and services to its clients. The findings presented in the study are sure to upset the data migration and transition plans of European companies that have already migrated or were planning to migrate to the cloud in the near future.

As a provider of security solutions that help enterprises enforce security policies and analyze the risks associated with the use of cloud services by the employees, Skyhigh Networks is well aware of the pulse of the cloud industry. The company is also renowned for researching latest trends in the industry and publishing its findings on a regular basis. In a study conducted to gauge the level of compliance for the EU’s data protection guidelines, the firm discovered that almost three in four cloud service providers do not meet the proposed standards.

In the latest quarterly edition of European Cloud Adoption and Risk Report, Skyhigh has disclosed that the number of cloud services being used by the European companies has increased from 588 to 724 when compared with the previous quarter. However, security remains a key concern as only a handful of them (9.5%) comply with the stringent data protection guidelines (including encryption and password security). The report also revealed that top 15 cloud services accounted for almost 80 percent of cloud data and named Microsoft Office 365 and Salesforce as the most popular cloud services in the enterprise space. The company also expressed concern regarding the slow adoption of enterprise-ready cloud solutions and revealed that more than 50 percent of the cloud data still goes to non-enterprise services.

European Union’s proposed data protection directive has strict guidelines regarding how personally identifiable information of European citizens should be collected, handled and stored. The directive also states that the private data of Europeans should not be moved to countries that cannot guarantee adequate security of the data. Since a lot of cloud storage services are based in US and have servers spread across the world, they clearly violate EU’s regulations while transferring personal and enterprise data to servers located outside Europe. And while Skyhigh’s study did not cover social media, it is a foregone conclusion that most social networks would not comply with EU’s rules as well.

While the EU’s data protection directive is yet to be approved and implemented by its member states, it is only a matter of time before it becomes a reality. Once the directive is enforced, there would be mad scramble to comply with it since non-compliance would result in stiff fines and penalties. Enterprises can comply with the upcoming regulations by switching to cloud services that are based (or have servers) in Europe. To ensure total compliance, businesses would also need to ensure that their employees are not able to access popular cloud services from within their networks.

January 21, 2015

Leave a Reply

Your email address will not be published. Required fields are marked *

7 + 0 =