Researchers at Netskope have found that the majority of cloud services being used by global firms today currently do not meet the stringent standards for the EU General Data Protection Regulation (GDPR) compliance standard.
The vendor based its findings on an analysis of 23,000 cloud service by its Netskope Active Platform which is used by hundreds of customers and millions of end users globally, between January and March 2017.
They found that 67% of services reviewed did not specify that the customer owns the data in the terms of service, 90% did not support encryption of data at rest, and 41% replicated data in geographically dispersed data centers.
These figures are alarming for both the everyday consumer as well as the company responsible for protecting this data. Let’s not forget- regulators are able to fine those not found in compliance with a maximum fine of 4% of global annual turnover- or €20m.
The industries found to be the biggest users of cloud services were Manufacturing, Retail & Hospitality, Financial Services, and Healthcare, respectively.
Now more than ever, it’s crucial that organizations prepare for the upcoming mandate. Article 32 within GDPR requires all controllers to implement appropriate technical and organizational measures together with a process for regularly testing, assessing, and evaluating the effectiveness of those measures to ensure the security of processing.
NNT can help your organization address this requirement by implementing our Change Tracker Gen7 solution to help you spot unauthorized changes in real-time and provide you with reports that prove the integrity of these systems.
By introducing NNT’s sophisticated File Integrity Monitoring solution, not only will this detect and report all changes made, but in real-time, seconds after a change has been made. Changes detected can then be assessed automatically to assist with compliance, vulnerability management, and change control.
Read this article on InfoSecurity Magazine