European businesses are not prepared to meet regulatory requirements outlined in the EU Data Protection Regulation, due to be enacted by the EU parliament in 2015. That’s the story told by a survey of 1,500 office workers in the UK, France and Germany, conducted by Sophos.
Although a large majority of poll respondents (84%) agree that stricter data protection requirements are needed, most lack confidence that their employers are compliant (77%), and many do not know what type of data protection their companies currently have in place.
During a roundtable discussion about the survey, our security experts talked about the current state of data protection and how the new requirements might impact businesses.
Anthony Merry, director of product management in the data protection group at Sophos, said companies have to get a better understanding of not just what regulations require, but what data protection actually is.
“Many of the companies I talk to still do not understand what data protection is, why businesses need to do it and why it is important, and that needs to change,” he said, according to ComputerWeekly.
Some of the proposed changes to the EU Data Protection Directive include huge fines for non-compliant companies in the event of a data breach — as much as 5% of global turnover, or €100m, whichever is higher.
Compared to relatively lax data protection laws in the United States, such punitive laws could be seen as harmful to businesses.
However, if companies are encrypting their data — on disks, mobile devices, storage drives, and in the cloud — they don’t have to worry as much.
“If data is encrypted, even if IT systems are breached, companies will not be liable under the law,” Anthony said.
Unfortunately, businesses in the countries we surveyed have a long way to go before their data protection is complete.
According to our survey, only 62% of UK companies are encrypting laptops, along with 36% in France and 56% in Germany. Encryption of mobile devices is even farther behind: 41% in the UK, compared to 21% in France and 32% in Germany.
Learn more about data protection
Sophos SafeGuard Encryption solves the major challenge of managing encryption across multiple platforms, devices, and cloud environments. Users and IT staff can share data safely between Windows, Mac and mobile devices – securing data wherever it lives and wherever it is sent.
For more information about SafeGuard Encryption, get our free whitepaper Managing BitLocker With SafeGuard Enterprise (registration required).
Or download our Encryption Buyers Guide to learn more about how to choose the best encryption solution for your needs.