Any business with IT applications will need to investigate whether it is at risk of proposed data protection legislation.
According to Rashmi Knowles, Chief Security Architect, EMEA at RSA EMC, any business with IT applications holding sensitive data which uses public or hybrid cloud resources, will need to investigate whether it is at risk of falling foul of proposed data protection legislation progressing through the European parliament ahead of a vote on the 12th March. If businesses are exposed, they will need to assess whether they have adequate controls over its IT systems in order to rectify this.
There is a clear challenge facing businesses to ensure they can, as according to a recent EMC survey:
· 30% of all data is stored in some form of cloud system
· 62% of businesses highlighted big data, mobile and hybrid cloud resources as areas where they found data protection difficult.
Ensuring compliance will be particularly important with the threat of fines extending up to €100million or 5% of global turnover creating a shadow overhead. Businesses need to have absolute certainty in their IT systems. Given the surge in the use of enterprise data, CTOs were previously under pressure to deliver scale whilst limiting cost, but now risk must also be a priority for them. IT decisions made today might lead to difficulties in achieving compliance by the enforcement date, so now is the time for businesses to be thinking about the proposed legislation and the repercussions it will have.
“The message the European Parliament is sending is unequivocal: This reform is a necessity, and now it is irreversible. Europe’s directly elected parliamentarians have listened to European citizens and European businesses and, with this vote, have made clear that we need a uniform and strong European data protection law, which will make life easier for business and strengthen the protection of our citizens,” said Vice-President Viviane Reding, the EU’s Justice Commissioner. “Data Protection is made in Europe. Strong data protection rules must be Europe’s trade mark. Following the U.S. data spying scandals, data protection is more than ever a competitive advantage. I want to thank Mr Albrecht and Mr Droutsas for their committed and tireless work on the data protection reform. Today’s vote is the strongest signal that it is time to deliver this reform for our citizens and our businesses.”
The European Parliament gave its strong backing to the architecture and the fundamental principles of the Commission’s data protection reform proposals, on both the General Data Protection Regulation and on the Data Protection Directive in the law enforcement context.