The increase in data breaches targeting enterprise companies shows no signs of slowing down. Can stricter regulations and better cloud app security help?
The personal identifiable data of customers is getting compromised by the nation-load. The Equifax breach in September alone cost 145 million Americans—that’s half the population of the United States—their sensitive information, including credit card, driver’s license, and Social Security numbers.
Enterprise companies should be worried. Loss of a customer base, reputational damage, and civil class action lawsuits are all possible ramifications for a massive data breach, not to mention the untold damage unfolding for customers whose personal data was lost. It’s obvious that the increase in data breaches targeting enterprise companies shows no signs of slowing down.
Can stricter regulations and better cloud app security help? Most likely, yes.
Clearly, something isn’t working. Current practices and protections are not enough. But that’s where the forthcoming legislation like the Global Data Protection Regulation (GDPR) comes in. Although a European Union law, it will affect every enterprise company that handles the sensitive data of European citizens, wherever that organization may be located. U.S., New Zealand, Japan—it doesn’t matter. If you handle EU data you will be forced to rethink how your company identifies, detects, prevents, and handles data breaches. A failure to comply could result in massive penalties, including fines up to four percent of a group’s global revenue.
It also forces companies to accurately identify and control its own data. Companies must answer a few basic questions: Where is our customer data? Who has access to it? Should it be deleted if it’s unused or unnecessary? Can we get rid of backup data if it’s just laying around? Should we mask confidential information and anonymize sensitive data before processing it?
The answer to that last one is an emphatic “yes”, by the way. The road to better app security and stronger data protection begins and ends with powerful encryption methods. In fact, “pseudonymization” is the crux of the GDPR plans. If, in the event of data breach, personal data is stolen then at least that information cannot be used by malicious attackers.
One option, eperi Gateway, can provide a one-stop encryption solution for multiple all the data stored across a company’s cloud apps, including Microsoft Office 365, email, OneDrive, and SharePoint. Its pseudonymization abilities will render any personal data in those apps and services unreadable by anyone but authorized, internal users.
The GDPR may place a lot of pressure on enterprise companies to increase cloud app security, but with data breaches on the rise it’s the solution we need. And if it leads to lower incidents of sensitive information loss and higher customer trust, then it will be worth it.