fbpx

Download free GDPR compliance checklist!

Tag Archives for " cloud "

Legal clouds gather over US cloud services, after CJEU ruling

In the wake of landmark ruling by Europe’s top court Europe’s lead data protection regulator has fired its own warning shot at the region’s data protection authorities (DPAs), essentially telling them to get on and do the job of intervening to stop people’s data flowing to third countries where it’s at risk.

In its ruling CJEU stroked down a flagship transatlantic data transfer framework called Privacy Shield, and cranking up the legal uncertainty around processing EU citizens’ data in the U.S. in the process. Now, any sense of legal certainty U.S. cloud services were deriving from the existence of the EU-U.S. Privacy Shield — with its flawed claim of data protection adequacy — has vanished.

Source: Legal clouds gather over US cloud services, after CJEU ruling | TechCrunch

52% of companies use cloud services that have experienced a breach

Use of personal devices when accessing cloud services and the sprawl of high-risk cloud services drive new areas of risk for companies using the cloud.

Seventy-nine percent of companies store sensitive data in the public cloud, according to a McAfee survey. While these companies approve an average of 41 cloud services each, up 33 percent from last year, thousands of other services are used ad-hoc without vetting. In addition, 52 percent of companies use cloud services that have had user data stolen in a breach.

Source: 52% of companies use cloud services that have experienced a breach – Help Net Security

Most organisations still misunderstand cloud security

A report based on a survey of over 700 respondents from the United States, Canada and UK, foundthat 60% of respondents misunderstand the shared responsibility model for cloud security and incorrectly believe the cloud provider is responsible for securing privileged access.

Furthermore, 68% of organisations are not employing a common security model or enforcing least privilege access to reduce risk, and the majority list security as their main challenge with cloud migrations.

Source: #Privacy: Most organisations still misunderstand cloud security, report reveals

Organisations worldwide failing to adequately protect sensitive data in the cloud, study finds

A new global study from Thales, with research from the Ponemon Institute, has exposed an increasing disparity between the rapid growth of data stored in the cloud and an organisation’s approach to cloud security.

Although nearly half (48%) of corporate data is stored in the cloud, only a third (32%) of organisations admit they employ a security-first approach to data storage in the cloud.

Source: #Privacy: Organisations worldwide failing to adequately protect sensitive data in the cloud, study finds

Your Data Might Be Safe in the Cloud But What Happens When It Leaves the Cloud?

Cloud service providers can successfully protect data physically and technologically while it is in the cloud, but that information can be vulnerable to hacking as soon as it leaves the cloud to interact with another system.

To protect your data through every transaction, take the following measures:

  1. Practice internet safety.
  2. Encrypt connected devices.
  3. Use multifactor authentication (MFA).
  4. Protect backups.

Full article: Your Data Might Be Safe in the Cloud But What Happens When It Leaves the Cloud?

Security is the no. 1 IT barrier to cloud and SaaS adoption

Security is the top barrier in cloud and Software as a Service (SaaS) adoption for enterprise IT infrastructures, according to a Ping Identity report released on Wednesday.

Some 43% of IT professionals surveyed said that security is the biggest obstacle for cloud adoption, and 37% said security is also the biggest barrier to SaaS adoption, said the report.

Source: Security is the no. 1 IT barrier to cloud and SaaS adoption – TechRepublic

Cyber attackers to use sophisticated tools against Cloud in 2019

Cyber attackers will use more sophisticated tools in 2019 to take advantage of the changing technology landscape and prey upon evolving corporate technology environments especially Cloud.

The attackers will leverage proven methods against growing Cloud adoption; more vulnerabilities will be found in Cloud infrastructure, such as containers, and weak Cloud security measures will allow greater exploitation of accounts for cryptocurrency mining.

Full article: Cyber attackers to use sophisticated tools against Cloud in 2019: Report- Technology News, Firstpost

Recommendations on processing data in the cloud

A recent report published by Ireland’s data protection watchdog provides a helpful reminder to businesses to take additional steps to secure personal information when processing it in the cloud, avoid the common pitfalls associated with technology-related data breaches and take advantage of cloud solutions securely.

According to the report, the majority of the technology-related breaches resulted from a data controller’s use of cloud-based environments hosted by third party cloud service providers.

Full article: Recommendations on processing data in the cloud

Data watchdogs seek ‘added value’ in GDPR cloud codes

A revised version of the EU Cloud Code of Conduct was published earlier this month. It is the latest version of a code of conduct developed by the cloud computing industry and has been put forward as helping cloud service providers to meet their obligations under the General Data Protection Regulation (GDPR).

However, the code will only be truly relied upon to show effective GDPR compliance if it is approved by data protection authorities. To-date, none of the other codes the cloud industry has developed have had that approval.

Full article: Data watchdogs seek ‘added value’ in GDPR cloud codes

1 2 3
>