In a way, the challenges related to data privacy in the public cloud is like an exponential of an exponential. Use of private data is growing exponentially. The proportion of that data held in the public cloud is expected to double between 2018 and 2025. There has been an explosion in activity from data privacy regulators, increasing the cost of leaving data unprotected.
GDPR became enforceable in 2018, spawning a wave of additional privacy regulations. Since then, privacy regulations have been passed all over the world, including in California, with other states across the US following, Brazil, China, and South Korea. Many other privacy regulations are likely to be passed into law over the next few years.
It is this combination of accelerating use of data, accelerating use of the public cloud to hold that data, and growing regulatory complexity that is creating such challenges for organisations.
Yet the imperative to meet these challenges is greater than ever – data breaches are expensive, averaging $8.19 million in the US. Penalties for violation of data privacy regulations have been as high as $230 million.
Added complexity is created by the issue that public cloud zones, which do not necessarily relate specifically to regulatory requirements in any one area. Furthermore, even when public cloud zones and regulatory areas do coincide precisely, services offered by cloud providers can vary between zones. The services in some zones may be inadequate to meet regulatory requirements.
There is no magic “use this software to solve data privacy” bullet. There are, however, proven security controls that can be applied to massively reduce exposure to a breach or regulatory fines.
The use of encryption and tokenisation of data and innovations in the application of data security in public cloud environment are all examples of how data protection and compliance can meet the challenges facing organizations.
This eBook aims to help you understand the complexities of data & public cloud.
Submit your details below to access the full guide:
Registration now OPEN for PrivSec Global
Taking place across four days from 30 Nov to 3 Dec, PrivSec Global, will be the largest data protection, privacy and security event of 2020.
Reserve your place before 2nd October, and receive VIP access to PrivSec Global which includes priority access to limited space sessions, workshops, networking opportunities and exclusive content.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.