It’s Not Digital Transformation; It’s Digital “Business” Transformation – Part II

It’s Not Digital Transformation; It’s Digital “Business” Transformation – Part II

Previously in Part I “It’s Not Digital Transformation; It’s Digital “Business” Transformation – Part I” we introduced two fundamental digital transformation techniques to help organizations identify where and how to drive their digital transformation journey: ·     Fundamental #1: Identifying Sources of Value Creation. A methodology for
Mobile Data Traffic Explosion: Explore IoT, 5G, & VR Opportunities

Mobile Data Traffic Explosion: Explore IoT, 5G, & VR Opportunities

Mobile Data Traffic Explosion The technology revolution of the 21st Century has opened the avenues towards many possibilities. We now have a mobile data traffic explosion on our hands, which can end up expanding growth while we move into the next decade. Due to a

CONTRIBUTORS

Why Accept the Hype? Time to Transform How We Approach Emerging Technology

Why Accept the Hype? Time to Transform How We Approach Emerging Technology

Time to Transform How We Approach Emerging Technology It’s like a rite of passage – a new technology pops onto ...
How to Transform Your Operating Model for the Cloud

How to Transform Your Operating Model for the Cloud

Transform Your Operating Model It can be tough for established organizations to embrace change, so when they start working with ...
Global Public Cloud Spending To Double By 2020

Global Public Cloud Spending To Double By 2020

The Cloud and Endpoint Modeling The worldwide migration of IT resources to the public cloud continues, at a head-spinning pace ...

RECENT NEWS

Amazon picks New York City, Virginia for $5 billion new headquarters

Amazon picks New York City, Virginia for $5 billion new headquarters

SAN FRANCISCO (Reuters) - Amazon.com Inc (AMZN.O) said on Tuesday it will build offices for up to 25,000 people in ...
Batteryless smart devices closer to reality

Batteryless smart devices closer to reality

Researchers at the University of Waterloo have taken a huge step towards making smart devices that do not use batteries ...
Pressure grows on Zuckerberg to attend Facebook committee hearing

Pressure grows on Zuckerberg to attend Facebook committee hearing

Australia, Argentina and Ireland join UK and Canada in urging Facebook CEO to give evidence to parliaments Parliamentary committees from ...
Alibaba's on-demand online services unit valued at $30 billion: sources

Alibaba’s on-demand online services unit valued at $30 billion: sources

HONG KONG (Reuters) - Alibaba Group’s newly formed on-demand online services unit has rocketed in value to as much as ...
Oracle Cloud Unveils New HPC Offerings to Support Mission Critical Workloads

Oracle Cloud Unveils New HPC Offerings to Support Mission Critical Workloads

Oracle Cloud Unveils New HPC Offering Oracle now provides a complete set of solutions for any high performance computing workload, ...
Daren Glenister

How Data Privacy Reform Is Wreaking Havoc In The Cloud

Data Privacy Reform Is Wreaking Havoc

Nations around the globe are stepping up efforts to better protect the personal data of private citizens. In particular, cross-border data security regulations and legislative reform is on the rise. The laws must evolve in order to mitigate theft, abuse and misappropriation of personally identifiable information (PII), better guard national security interests, and boost local economies. These reforms are all necessary and long overdue.

But as these nations seek legislation-based ways to adequately address how the PII of consumers, customers, employees, partners, and contractors are collected, stored and disposed, we’re also seeing global business strategies and processes being tossed into a sea of uncertainty.

byod

Cloud computing is an established part of today’s international enterprise IT operational landscape, and adoption will continue rising over the next decade. More organizations of all sizes are turning to SaaS and cloud-based collection, storage and collaboration models to streamline efficiencies and share data easily on multiple devices across international locations. This migration to the cloud has been years, even decades, in the making.

Direct Conflict: Cloud vs. Data Privacy Laws

As we shift to mobile and cloud-centric computing platforms in the workplace, we’re also making it more difficult to ensure the proper control of information and awareness of data flows in and outside of the enterprise network. The very nature of the cloud itself – fluid, centrally located, and available anytime from anywhere – is exactly what is creating new challenges for businesses that must comply with data privacy regulatory changes.

Pulse Check: Ovum Research

To develop a sharper picture of where organizations currently stand on their awareness and preparedness level for coming regulatory changes, Ovum Research surveyed more than 300 international IT decision makers. The results of this global research reveal a disturbing worldwide trend: a majority of enterprise leaders are confused about how new data privacy regulations apply to them, and are unprepared for the consequences of failure to comply.

Location, Location

From a legislative viewpoint, the matter of “where data resides” is critical as these new data privacy rules roll out. The Ovum research underscores that when it comes to the physical location of data, there is uncertainty and confusion.

Until now, a key benefit of the cloud was that businesses no longer needed to concern themselves with the physical location of their data. It was stored off-site, for all to share, as needed. Now, with the European Union (EU), Israel and the United States beefing up regulations with the goal of stopping the flood of data leaks and stolen information, businesses must shift their approach to the cloud in a fundamental way. Suddenly, the location controlling the physical path of data matters.

data-policy

The ability to control access to data and achieve regulatory compliance will heavily depend on the data’s location, a key factor in determining what legislation the data is affected by, and the level of access that should be available. Exerting control over data location is a challenge for many organizations, because most systems do not support the concept of data location being a business-related decision, and especially not cloud-based systems. Making matters worse, the exact definition of “data location” for regulatory compliance purposes varies from region to region. Organizations trying to achieve compliance will need options that offer control over data’s physical, logical, legal, and political location.

We are already seeing legal arguments being made in courts around the world that hinge on the fundamental concept of where data is located and controlled, and who has jurisdiction over that data (an example is the Microsoft case regarding data stored in Dublin, Ireland that is being requested by a US judge).

The Ovum research found that 50 percent of respondents’ organizations planned to change the primary approach to this control challenge during the next three years. This may suggest that organizations are waiting for a standard to emerge, and builds a strong case for an approach to cloud collaboration that provides various technical options, such as the ability to offer controls for physical and logical location.

No Control Over Cloud-based Services

It’s important to note that these data privacy regulations apply to cloud vendors, but they also extend to the individual companies using them. For example, the pending General Data Protection Regulation (GDPR) in the EU specifically targets any business that collects, stores, processes, and shares personal data on employees, customers, or partners. Failure to keep that information within the specific geographic location of the European Economic Area (EEA), whether intentionally or by accident (such as a data breach) will result in significant fines for that company.

Yet, the Ovum research tells us that many organizations are not leveraging available technologies to better protect sensitive data, either in the cloud or on-premise. Only 44 percent of survey respondents said they use technology to monitor user activities and provide alerts to data policy violations, and only 53 percent classify information to align with access controls. Almost half (47%) admitted that they have “no policies or controls” that govern access to consumer cloud storage and file-sharing system like Dropbox. This opens them up to enormous risk.

The Cloud: Here To Stay, But in Need of Better Control

While regulatory changes are wreaking havoc, that doesn’t mean that cloud services will fall out of favor. Just a few years ago, conversations revolved around whether the cloud should be trusted at all. Today, businesses do trust the cloud to protect the most sensitive assets, demonstrating a shift in sentiment toward its positive role in business today. The Ovum survey found that 58 percent of respondents trust the cloud for all business operations, despite the potential impact of pending data privacy regulations, all of which intend to change how data is stored, transferred, and processed around the world.

machinery-business

(Image Source: Shutterstock)

So, even with the changing regulatory climate, cloud computing is a decision that’s already been made. And yet, regulating cloud-held data is poised to become the biggest challenge facing legal practitioners, politicians, and businesses as they try to balance privacy with access and productivity. The cloud can still work in this new world of data privacy reform, in reality cloud services may be a more appropriate solution to the data sovereignty challenges as cloud vendors are already having to address the sovereignty issues and architect their solutions to address an ever changing landscape.

Enterprises are likely to lean more heavily on cloud vendors to be a part of the bigger solution rather than try to unravel the ever changing requirements single handedly. However, it will need greater control and visibility in each region where companies operate.

By Daren Glenister

 

Daren Glenister

Daren is the Field Chief Technology Officer for Intralinks. Daren serves as a customer advocate, working with enterprise organizations to evangelize data collaboration solutions and translate customer business challenges into product requirements.

Glenister brings more than 20 years of industry experience and leadership in security, compliance, secure collaboration and enterprise software, having worked with many Fortune 1000 companies to turn business challenges into real-world solutions.

View Website

Cloud Community Supporters

(ISC)²
Cisco
SAP
CA Technologies
Dropbox

Cloud community support comes from (paid) sponsorship or (no cost) collaborative network partnership initiatives.