Technology Cloud Contributor

The Competitive Cloud Data Center

The Competitive Cloud The corporate data center was long the defacto vehicle for all application deployment across an enterprise. Whether reporting to Real Estate, Finance or IT, this relationship served both data centers and their users well, as it allowed the organization to invest in
Part 2 - Identity Assurance by Our Own Volition and Memory

Part 2 – Identity Assurance by Our Own Volition and Memory

Identity Assurance by Our Own Volition and Memory We believe that the reliable identity assurance (See part 1) must be built on three prerequisite principles as follows. Volition of the User – with Self-Determination, Identity authentication with no confirmation of the user’s volition would lead

CONTRIBUTORS

How Leading Organizations are Leveraging Big Data

How Leading Organizations are Leveraging Big Data

Seeing The Big Data Picture “Data will talk to you if you’re willing to listen”— Jim Bergeson. Few can dispute ...
Combatting Malware in the Cloud Requires a New Way of Thinking

Combatting Malware in the Cloud Requires a New Way of Thinking

Malware in the Cloud It’s no secret that cloud adoption has exploded in the enterprise over last few years. However, ...
A Smart Data Approach to Assurance in a Hybrid Cloud Environment

A Smart Data Approach to Assurance in a Hybrid Cloud Environment

Smart Data Microsoft and Amazon both reported significant growth in their cloud businesses recently. Revenue for Microsoft’s Azure increased by ...

RECENT NEWS

Amazon picks New York City, Virginia for $5 billion new headquarters

Amazon picks New York City, Virginia for $5 billion new headquarters

SAN FRANCISCO (Reuters) - Amazon.com Inc (AMZN.O) said on Tuesday it will build offices for up to 25,000 people in ...
Capgemini in Gartner Magic Quadrant

Capgemini in Gartner Magic Quadrant

Paris, November 9, 2018 – Capgemini, today announced that Capgemini (Prosodie) has been positioned as a Leader by Gartner in its ...
The New Industrial Revolution – According to the WSJ

The New Industrial Revolution – According to the WSJ

The insert in today’s US print edition of the Wall Street Journal is called The New Industrial Revolution. The paper updates ...
Alibaba's on-demand online services unit valued at $30 billion: sources

Alibaba’s on-demand online services unit valued at $30 billion: sources

HONG KONG (Reuters) - Alibaba Group’s newly formed on-demand online services unit has rocketed in value to as much as ...
Batteryless smart devices closer to reality

Batteryless smart devices closer to reality

Researchers at the University of Waterloo have taken a huge step towards making smart devices that do not use batteries ...
intralinks-ceo-ron-hovsepian

Living In A Post-Safe Harbor World: What Your Company Needs To Know

Living In A Post-Safe Harbor World

With the striking down of the Safe Harbor agreement in October, we have seen the tip of a data privacy iceberg whose global implications will play out well into the new year. In 2016, U.S. businesses can expect a regulatory domino effect that will occur region by region, as more governments will take steps to protect citizen data, preserve national security interests, and build legal fences to protect local businesses. These evolving rules will be determined within various governments, with different privacy concerns driving each set of regulations. It’s likely to produce more chaos before consistency.

As we close out 2015, representatives from the EU Commission and the U.S. have been working on the terms of a new data-transfer framework that will meet the EU court’s requirements. For U.S. businesses, January 31, 2016 will be when things really get interesting. That’s the deadline for the European Commission to agree on new Safe Harbor rules with the U.S. Right now, EU officials are still seeking greater clarity regarding the extent to which U.S. national security services can access European citizens’ data. If no agreement can be hammered out by this deadline, companies are will have to find an alternative to Safe Harbor or face non-compliance fines.

What does this mean for cloud providers and their customers? Consider that Europe’s General Data Protection Regulation (GDPR), legislation that is supposed to be finalized by the end of the year, will govern both data controllers (typically, companies that gather and control how data is used) and data processors (for example, cloud storage providers), no matter where they are based. The GDPR will also restrict and control how EU citizens’ personal data is shared outside the European Economic Area.

From a U.S. business perspective, the GDPR is fraught with compliance risks. The latest draft of the GDPR call for fines of up to two percent of annual revenue for companies that violate the rules, raising the distinct possibility of billion dollar penalties enforced to make examples out of organizations that continue to be careless with private data. To put this into perspective, a company like Monsanto could face fines up to $300 million, and the penalty for a company like GE could be around $2.8 billion.

Cloud structure sea change

What will all of this mean for how U.S. firms do business in the future? In 2016, we will see organizations change their approach to data transport and access. For starters, they will need to localize data policies to comply with the nations and regions where they do business, as well as where their data flows. What this means is that each geographic region will have a set of guidelines specific to handling data, as well as separate guidelines for communicating externally. This is already happening in the EU, with Germany setting more stringent data privacy rules than the rest of Europe.

data-policy

Further, organizations will also no longer be able to rely on centralized datacenters, and instead will need to rely on multiple datacenters, each subject to the specific region’s regulatory oversight. Businesses will also have to ensure that all of its cloud vendors meet the data guidelines set within each region in which it does business. We are already seeing a shift towards this model, with large providers such as Microsoft opening dedicated data centers in locations like Germany, the UK and Australia.

Making room for compliance in the C-suite

One way to handle these regulatory changes is for more private companies to add a new member to their C-suites: the Chief Privacy Officer. The CPO had historically been a role associated with government agencies, but that is changing rapidly. Any organization that collects, processes, or uses personal information across borders will need to implement information security plans to ensure that the personal data in its control is adequately protected. That’s the role of the CPO, and in 2016, it will be in high demand.

Organizations who are proactive and come up with an action plan that aligns with the new regulations will be ahead of the game. This means having end-to-end control over who accesses their data, wherever it travels. Too many companies have been standing on the sidelines, passively waiting for their vendors or the government to solve this. As we race towards the January 31, 2016 deadline, it’s becoming clear that action is needed. Some companies are moving ahead to devise a global solution without depending on the promised Safe Harbor 2.0. Others are taking interim measures such as legal boilerplate language to protect them. The high visibility of some, such as social media or cloud computing vendors, puts them at a higher risk for possible EU regulatory focus. The bottom line, however, is that the EU court decision is forcing all organizations that were part of the Safe Harbor framework to make risk-based—not just legal—decisions.

By Ron Hovsepian

Ron Hovsepian

Ron is president, chief executive and director of Intralinks, a publicly-traded provider of beyond-the-firewall collaboration technology solutions for the enterprise. Previously, Ron served as president and chief executive officer of Novell, from 2005 to 2011. He has held management and executive positions at IBM Corporation over a 17-year period, including worldwide general manager of IBM's distribution industries, manager of global hardware and software development, sales, marketing and services. Ron currently serves as a member of the board of directors of ANSYS, Inc. Follow Ron on Twitter: @RonHovsepian.

Cloud Community Supporters

(ISC)²
Cisco
SAP
CA Technologies
Dropbox

Cloud community support comes from (paid) sponsorship or (no cost) collaborative network partnership initiatives.