Enterprise companies on the cloud are dealing with a multitude of issues in the middle of 2018.
One of them is the sheer volume of enterprise companies moving to the cloud. As more enterprises move to the cloud, they’re also splitting up their workloads among several different cloud service providers. Like cars on a highway, all this crowding can create visibility problems—and avoidable accidents.
According to a 2017 RightScale report, 85 percent of respondents now have a multi-cloud strategy, which means many companies are not just using one cloud provider service—they’re using several. Not only that, 95 percent of organizations are now running Software-as-a-Service or Infrastructure-as-a-Service. How can companies keep track and enforce privacy protection and security policies with that many potential vulnerabilities?
The answer: They can’t. In the first three months of 2018 over 1.5 billion sensitive files including payroll data, credit card information, and health information, were exposed due to misconfigured servers, storage, and cloud services.
Combine the volume of enterprises using multi-cloud services with the incredible number of records comprised by improperly protected cloud services this year alone and it becomes clear enterprises are struggling to maintain security or privacy protections across multiple cloud providers.
Meanwhile, there’s the European Union’s global-reaching General Data Protection Regulation (GDPR), set to transform how the world deals with privacy protection. Companies are still scrambling to encrypt data, roll out better access controls, and update monitoring and auditing protocols. Non-compliance could result in fees up to four percent of a company’s annual global turnover, or 20 million Euros, whichever is greater. 85 percent of companies are not ready, while others are shutting down entirely.
One catch-all solution to the multi-cloud problem and the imminent GDPR, is the eperi Gateway. It offers to enterprise companies that ability to manage cloud data protection measures in a multiple cloud environment at once, out of the box, without getting in the way of their functionality. It encrypts and tokenizes sensitive information, so that even in the event of a data breach, that data will remain unreadable unless decrypted by a key, which his always in the sole control of the enterprise. And it sidesteps compliance requirements with pseudonymization and encryption, access controls, and auditing capabilities. For more information, contact eperi.