Majority of enterprise cloud services still not ready for GDPR

With the EU's General Data Protection Regulation set to come into force in May next year, companies are rushing to ensure that their systems will comply with its rules.

Yet a new report from cloud security company Netskope finds that almost three-quarters of cloud services still lack key capabilities needed to ensure compliance with the GDPR regulations.

The study finds that the average enterprise has deployed 1,022 cloud services, down slightly from last quarter's average of 1,053. Of those cloud services in use, only 24.6 percent received a GDPR-readiness rating of 'high', based on attributes like the location where data is stored, the level of encryption and data processing agreement specifics.

"Cloud adoption is an inevitability and has enormous business value for enterprises across all geographies and verticals. It also introduces a new set of complex security challenges in the enterprise, with regulations like the GDPR one of the more complex challenges," says Sanjay Beri, CEO and founder of Netskope. "On the eve of the compliance deadline, complete visibility into and real-time control over cloud usage and activity in a centralized, consistent way that works across all cloud services is paramount for organizations to understand how they use and protect their customers’ personal data and, consequently, comply with the GDPR."

The report also looks at the threats putting enterprise data at risk. It finds that backdoors are the most frequent threat across enterprise environments, accounting for 27.4 percent of all detections. This is followed by ransomware at 8.6 percent, adware at 8.1 percent, JavaScript at 7.2 percent, Mac malware at 7.2 percent, Microsoft Office macros at 5.9 percent, and PDF exploits at 2.7 percent.

You can read more about the findings in the full report which is available from the Netskope website.

Image credit: Sergey Nivens / Shutterstock