For those who haven’t kept up with our blog, the EU’s General Data Protection Regulation (GDPR) will come into place on May 25th, 2018.
However, it is still raising serious compliance concerns for most UK companies.
This is because many businesses have recently deployed hybrid infrastructures where they use both public and the private cloud storage.
In a recent survey, 85 percent of UK respondents agreed that encryption was the most effective way to secure the previously mentioned public cloud data.
However, from the same survey, just 21 percent said they encrypt everything stored within the public cloud.
GDPR in a nutshell
GDPR places tough restrictions regarding how any and all personal information is handled.
What information is collected from users, with or without their explicit consent, has raised a wave of privacy debates.
This forced the European Union to address this through GDPR.
The new rules, which apply to all EU citizens, is designed to place responsibility on companies that handle personally identifiable information, such as name, a home address, email addresses etc, without ensuring that this “personally identifiable” information is not properly secured.
€20 Million Fines
Even though GDPR doesn’t specifically mention tools or technologies to achieve this, most companies are turning to encryption to attain the level of privacy needed.
If a company fails to provide “sufficient” data protection for sensitive customer data, they could face a fine of up to four percent of the company’s annual turnover, or up to €20 million – whichever is higher.
Encrypting any publically stored data should become a necessity for any business – but we fear the only way companies will take it seriously is after one has been heavily penalised by GDPR.
If you would like to chat to an expert at Tier 1 about ensuring your IT disposal is GDPR compliant then call us on 0161 777 1000.