As the marketing leader for Netskope in EMEA, I have been consumed lately with a topic that’s top-of-mind for European enterprises: the EU General Data Protection Regulation, or the GDPR. This is especially important given how little visibility enterprises have into the cloud apps their employees are using. It’s hard enough to govern what you can see, but impossible to govern what you can’t, and since shadow IT represents well over 90 per cent of cloud app usage, European enterprises are already at a disadvantage when it comes to addressing privacy in the cloud.
My team are working with privacy and legal experts to understand the legislation and how it applies to the cloud. Together with these experts, we have published this white paper and a host of additional educational materials as well as hosted numerous regional workshops to look at GDPR through the lens of cloud usage, an area that few are addressing. So, when we were doing the research for the Cloud Report that we released last week, an obvious area of analysis was how equipped the apps that enterprises are using are for the soon-to-be-ratified GDPR.
What we found is overwhelming evidence that organisations will face an uphill battle when it comes to complying with GDPR if they are using cloud apps (and they ARE) because those apps are not GDPR-ready. Specifically:
- 12.7 per cent of cloud apps don’t support data portability requirements, which infringes on the rights of data subjects per the GDPR complia