Snapshots from a recent Ovum survey make some important points about the adoption of Cloud-based services, in that over 77 per cent of respondents, ranging across many different countries, state that their organisation’s “regulated and sensitive” data will be present within Cloud or SaaS-based applications by mid-2018.
Ovum believes that part of the reason for this is that some organisations do not have the resources to apply the right protection to this data if it is held internally.
“Regulated data is putting owners between a rock and hard place,” says Alan Rodger, Research Analyst, Ovum.
“The need to appropriately protect data is perceived as increasing, and rightly so, Ovum believes.”
Taking a global view of the trend, Rodger says that adding to the pressures arising from the many threats to information security that now face enterprises, those with data from European operations will soon have to face the consequences arising from the EU General Data Protection Regulation (GDPR).
“With existing and future business plans at risk, many cloud providers will soon have much to do in order to facilitate customers’ compliance with GDPR, but our survey leads to the conclusion that many of those customers probably view having to undertake such compliance efforts themselves as a less appealing alternative,” Rodger adds.
“Organisations indicate they have doubts that Cloud/SaaS can definitely cover all protection requirements, but in many cases there is a willingness to commit nonetheless to a Cloud-based approach, in light of the difficulties of resourcing an in-house program to cover all the bases necessary.”
Indeed, Rodger believes far from being able to look ahead with confidence, a fair proportion of survey respondents worryingly do not even currently have in place some of the protection measures that we would see as basic.
With EU GDPR likely to be high on executives’ agendas due to a window of only two years to attain compliance after its likely transition into legislation later in 2015, Rodger says organisations with such a gap in protection capabilities to make up might well trust that the Cloud provider sector will do a better job of facing up to its own shortfall in technology (itself a very real one) than they themselves can manage.
“We believe that this particularly applies to end-user organisations of a lesser scale, because the necessary investment would be proportionally greater in their cases,” he adds.
“Ovum would caution that this approach might well be expedient, but not without risk, and we will provide more analysis soon to prove this point.”