Experts Comments:
Chris DeRamus, Co-founder and CTO at DivvyCloud:
“Since GDPR was implemented a year ago, it has sparked inspiration around the globe for similar data privacy regulations. We have already seen a few companies hit by GDPR fines, and they were far from frivolous. In fact, research from DLA Piper in February 2019, revealed that there had been a total of 91 fines issued under GDPR, a number which has since grown. Google has faced the highest fine yet, with its violation around lack of transparency costing the company €50 million. In the coming months, even more companies are likely to face fines, especially as the regulatory landscape grows in complexity and companies struggle to comply with varying standards applied to them in different regions. It will be challenging for all of these governing entities to find common ground and it’s not likely we will see each of these new regulations brought together into a universal system for many years, if ever.
Now is the time to make sure the monitoring and enforcement of compliance policies in the cloud is automated, making it easier to adjust as standards and regulations become even more complex. Companies operating in cloud environments are especially susceptible to falling out of compliance, due to the rapid rate of change, the complexity of the technology, and large number of cloud users. Developers and engineers are increasingly using a diverse set of cloud services and making changes to existing services at great speeds. They are rarely educated on all of the regulations their company is subject to or how to configure cloud services to be compliant. Leveraging a flexible compliance automation tool that can be adapted as new regulations and policies come into play is the best way companies can ensure compliance now while preparing for more changes to come in the future.”
Steve Armstrong, Regional Director at Bitglass: