As the marketing leader for Netskope in EMEA, I have been consumed lately with a topic that’s top-of-mind for European enterprises: the EU General Data Protection Regulation, or the GDPR. This is especially important given how little visibility enterprises have into the cloud apps their employees are using. It’s hard enough to govern what you can see, but impossible to govern what you can’t, and since shadow IT represents well over 90 per cent of cloud app usage, European enterprises are already at a disadvantage when it comes to addressing privacy in the cloud.
My team are working with privacy and legal experts to understand the legislation and how it applies to the cloud. Together with these experts, we have published this white paper and a host of additional educational materials as well as hosted numerous regional workshops to look at GDPR through the lens of cloud usage, an area that few are addressing. So, when we were doing the research for the Cloud Report that we released last week, an obvious area of analysis was how equipped the apps that enterprises are using are for the soon-to-be-ratified GDPR.
What we found is overwhelming evidence that organisations will face an uphill battle when it comes to complying with GDPR if they are using cloud apps (and they ARE) because those apps are not GDPR-ready. Specifically:
Enterprises know it too! According to a recent study we published a couple of weeks ago, only one in five companies are confident they will comply with the GDPR, a statistic that underscores the uphill battle they face.
Even though this is the talk of the town on our side of the pond for now, state-side enterprises and their vendors should be thinking about it too. The legislation doesn’t applies not just to European companies, but any company doing business with European customers.
How are you intending to comply with GDPR in the face of cloud usage and shadow IT?