View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cloud
February 4, 2016updated 04 Sep 2016 10:35pm

GDPR strikes fear into IT pro hearts as compliance fears and Shadow IT deal blow to confidence

News: Just 1 in 5 companies confident of achieving GDPR compliance.

By Vinod

Only 21% of IT professionals in UK medium and large businesses are sure about their compliance with the EU General Data Protection Regulation (GDPR), while 18% admitted that the matter "strikes fear into their hearts", a Netskope-YouGov research has revealed.

A further 21% have the wrong idea that their cloud providers would take care of their compliance requirements, which is not the case as explicitly mentioned in the GDPR.

The survey commissioned by cloud access security broker Netskope attempts to highlight the extent of confusion and concern among businesses in light of the new regulatory requirements.

The European Commission is currently finalising the GDPR, which will come into force in 2018. The regulation formulates uniform rules across the EU for how businesses deal with personal data.

In addition to providing individuals a better control over their data, the move is expected to enable businesses across the continent to benefit from a Digital Single Market, where unified rules would cut red tape.

According to Netskope, organisations are going to face a compliance challenge due to cloud apps used by employees, as the data created is often unstructured.

Netskope EMEA vice-president Eduard Meelhuysen said: "The GDPR will have far-reaching consequences for both cloud-consuming organisations and cloud vendors.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

"With the ratification of this piece of legislation imminent, the race is on for IT and security teams who now have two years to comply.

"Although that might sound like a lengthy timeframe to complete preparations, the significant scope of these reforms means that businesses have their work cut out to ensure compliance in time for the EU’s deadline."

Although GDPR deals with unstructured data, it is difficult for the organisations to know how it is created and stored.

29% of those surveyed said that they were aware of employees using ‘some’ or ‘many’ unauthorised cloud apps, while just 7% said their organisations have a procedure to deal with the use of unsanctioned apps within the workplace.

Employees create data using cloud apps such as productivity or collaboration applications, and store it on mobile devices. Shared through unsanctioned applications and cloud storage, this data falls outside the control of the organisation.

Netskope’s cloud report 2015 has found that the average number of cloud apps in use per EMEA enterprise was 608, a 26% increase from the previous report.

"The technical challenges are made even more significant by the myriad complications presented by the cloud and shadow IT, which make personal data even harder to track and control.

"As a starting point for GDPR compliance, organisations need to conduct an audit to ensure they understand what cloud apps are in use – both sanctioned and unsanctioned – and what data are in those cloud apps," Meelhuysen added.

Earlier this week, the EU and the US signed a transatlantic data sharing agreement, which imposes stronger obligations on US companies to protect the personal data of Europeans.

The US has also assured the EU that it will avoid indiscriminate mass surveillance on the personal data of Europeans, and the use will be subject to clear limitations, safeguards and oversight mechanisms.

European Commission vice-president Andrus Ansip said: "Our people can be sure that their personal data is fully protected.

"Our businesses, especially the smallest ones, have the legal certainty they need to develop their activities across the Atlantic.

"The decision helps us build a Digital Single Market in the EU."


Photo: courtesy of / Luis Tapia.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.