In a way, the challenges related to data privacy in the public cloud is like an exponential of an exponential.
GDPR became enforceable in 2018, spawning a wave of additional privacy regulations. Since then, privacy regulations have been passed all over the world, including in California, with other states across the US following, Brazil, China, and South Korea. Many other privacy regulations are likely to be passed into law over the next few years.
It is this combination of accelerating use of data, accelerating use of the public cloud to hold that data, and growing regulatory complexity that is creating such challenges for organisations.
Yet the imperative to meet these challenges is greater than ever – data breaches are expensive, averaging $8.19 million in the US. Penalties for violation of data privacy regulations have been as high as $230 million.
Added complexity is created by the issue that public cloud zones, which do not necessarily relate specifically to regulatory requirements in any one area.
Furthermore, even when public cloud zones and regulatory areas do coincide precisely, services offered by cloud providers can vary between zones. The services in some zones may be inadequate to meet regulatory requirements.
There is no magic “use this software to solve data privacy” bullet. There are, however, proven security controls that can be applied to massively reduce exposure to a breach or regulatory fines.
The use of encryption and tokenisation of data and innovations in the application of data security in public cloud environment are all examples of how data protection and compliance can meet the challenges facing organizations.
This eBook aims to help you understand the complexities of data & public cloud.