Netskope is recognized as a Leader again in the Gartner® Magic Quadrant™ for SASE Platforms. Get the Report

close
close
Your Network of Tomorrow
Your Network of Tomorrow
Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.
Experience Netskope
Get Hands-on With the Netskope Platform
Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
A Leader in SSE. Now a Leader in Single-Vendor SASE.
Netskope is recognized as a Leader Furthest in Vision for both SSE and SASE Platforms
2X a Leader in the Gartner® Magic Quadrant for SASE Platforms
One unified platform built for your journey
Securing Generative AI for Dummies
Securing Generative AI for Dummies
Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
Modern data loss prevention (DLP) for Dummies eBook
Modern Data Loss Prevention (DLP) for Dummies
Get tips and tricks for transitioning to a cloud-delivered DLP.
Modern SD-WAN for SASE Dummies Book
Modern SD-WAN for SASE Dummies
Stop playing catch up with your networking architecture
Understanding where the risk lies
Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
Netskope Technical Support
Netskope Technical Support
Our qualified support engineers are located worldwide and have diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ensuring timely and quality technical assistance
Netskope video
Netskope Training
Netskope training will help you become a cloud security expert. We are here to help you secure your digital transformation journey and make the most of your cloud, web, and private applications.

Cloud Apps Face an Uphill Battle for GDPR Compliance

Mar 01 2016
Tags
Cloud Best Practices
Cloud Security
Compliance
GDPR
Shadow IT
Tools and Tips

As the marketing leader for Netskope in EMEA, I have been consumed lately with a topic that’s top-of-mind for European enterprises: the EU General Data Protection Regulation, or the GDPR. This is especially important given how little visibility enterprises have into the cloud apps their employees are using. It’s hard enough to govern what you can see, but impossible to govern what you can’t, and since shadow IT represents well over 90 per cent of cloud app usage, European enterprises are already at a disadvantage when it comes to addressing privacy in the cloud.

My team are working with privacy and legal experts to understand the legislation and how it applies to the cloud. Together with these experts, we have published this white paper and a host of additional educational materials as well as hosted numerous regional workshops to look at GDPR through the lens of cloud usage, an area that few are addressing. So, when we were doing the research for the Cloud Report that we released last week, an obvious area of analysis was how equipped the apps that enterprises are using are for the soon-to-be-ratified GDPR.

What we found is overwhelming evidence that organisations will face an uphill battle when it comes to complying with GDPR if they are using cloud apps (and they ARE) because those apps are not GDPR-ready. Specifically:

  • 12.7 per cent of cloud apps don’t support data portability requirements, which infringes on the rights of data subjects per the GDPR compliance;
  • 43.2 per cent of cloud apps keep data for longer than one week upon termination of service, going against the GDPR requirement that personal data must be protected and thus, deleted in a timely manner;
  • 59.9 per cent of cloud apps do not specify that the customer owns the data in their terms of service, which means users are at risk of having their personal data used for other purposes, such as research and marketing; and
  • 99.1 per cent of cloud apps replicate data in other geographic areas. For business continuity in the event of technology failure, disruption of power, cooling or other resources, or a natural disaster in the area, virtually all cloud apps back up or replicate user data in geographically dispersed data centers. While this is a requirement of most enterprises to ensure data availability, it may go against the GDPR’s data residency requirement.

Enterprises know it too! According to a recent study we published a couple of weeks ago, only one in five companies are confident they will comply with the GDPR, a statistic that underscores the uphill battle they face.

Even though this is the talk of the town on our side of the pond for now, state-side enterprises and their vendors should be thinking about it too. The legislation doesn’t applies not just to European companies, but any company doing business with European customers.

How are you intending to comply with GDPR in the face of cloud usage and shadow IT?    

Connect with Netskope

Subscribe to the Netskope Blog

Sign up to receive a roundup of the latest Netskope content delivered directly in your inbox every month.