Research: Global Privacy Rights Movement Poses New Business, Economic Risks
Over 70% of respondents expect to increase spending in order to meet data sovereignty requirements, 30% expect budgets to rise by more than 10% over the next two years.
December 11, 2015
PRESS RELEASE
New York, NY & London, UK, December 8, 2015 — Intralinks® Holdings Inc. (NYSE: IL), a global Software-as-a-Service (SaaS) provider of secure enterprise content collaboration technology, today announces research that outlines global data sovereignty concerns in an increasingly cloud-based business environment. The research findings uncover data privacy fears as well as how many businesses are unprepared for new regulations. Only 44% of survey respondents currently monitor user activities and provide alerts to data policy violations, and only 53% classify information to align with access controls.
“New data privacy laws are being enacted across the globe in an effort to better protect citizen data, guard national security interests and boost local economies,” said Ron Hovsepian, CEO of Intralinks. “In this rush to update how personally identifiable information is handled within each region, international business strategies, practices, and processes are being called into question, causing global confusion around data sovereignty.”
To explore the impact of evolving data privacy regulations and data sovereignty, in Q3 2015 Intralinks commission Ovum to conduct an international survey of 366 IT decision-makers.
Key findings include:
· Data privacy regulations are coming directly into conflict with cloud, SaaS, and mobile computing practices within enterprises
Cloud computing is an established part of the enterprise IT landscape, and adoption is expected to continue to increase over the next decade. Information-intensive business processes rely on SaaS, and this, coupled with a shift to mobile computing platforms, means that controlling data location and complying with privacy regulations has become extremely challenging. Nevertheless, over the next three years, 78% of survey respondents plan to use cloud and SaaS-based applications, even for storing and sharing sensitive and regulated data.
· Business leaders are deeply pessimistic about the potential consequences of new data privacy regulations
Our survey shows that organizations are aware of data privacy as an issue, but are struggling with how to respond. When we asked about the pending European Union (EU) General Data Protection Regulation (GDPR), 52% said they think it will result in business fines for their company, and two-thirds expect it to force changes in their European business strategy.
· The cost of regulatory compliance will be substantial, but the cost of non-compliance will be higher.
Over 70% of respondents expect to increase spending in order to meet data sovereignty requirements, and over 30% expect budgets to rise by more than 10% over the next two years. Of those who plan to update data privacy strategies in the next three years, 38% plan to hire subject matter experts, and 27% will hire a chief privacy officer.
· US-based organizations are particularly vulnerable
The Snowden Effect is real. The US is ranked as the least trusted country and the most likely to gain unauthorized access to sensitive information among 20 industrialized economies, with China coming in second and Russia third. New regulations will also put US companies at an even greater disadvantage, with 63% of respondents believing that the proposed EU GDPR will make it harder for US companies to compete, and 70% thinking the new legislation will favor European-based businesses.
· Most organizations aren’t effectively using technology to address data privacy concerns
Alarmingly, many organizations aren’t taking advantage of available technologies that protect sensitive data. Only 44% of survey respondents monitor user activities and provide alerts to data policy violations, and only 53% classify information to align with access controls. Almost half (47%) have no policies or controls that govern access to consumer-grade cloud storage and file-sharing system.
· Global organizations need an orchestrated approach to data sovereignty that covers people, processes, and technology
Business leaders recognize they need to take a balanced approach to address data sovereignty and data privacy. When asked about investment strategies, 55% said they are planning new training for employees, 51% will amend and adapt policies, and 53% will prepare by adopting new technologies.
· Organizations face a patchwork of contradictory and conflicting global privacy regulations, and need technology options to address all eventualities
The data sovereignty revolution threatens to create a Balkanized technology landscape, with different jurisdictions imposing inconsistent and often incompatible mandates for how personally identifiable information is stored, processed, and shared. This is already creating confusion and uncertainty, leaving fundamental questions unanswered, such as how to interpret data location requirements. Organizations need technology options that enable them to react to a rapidly changing regulatory environment.
“Data privacy legislation will increasingly impact internationally-operating enterprises and organizations will need to adapt to emerging business, legal, and consumer requirements, said Alan Rodger, Senior Analyst at Ovum. “Immediate actions all businesses should consider to ensure compliance include establishing a data sovereignty strategy, conducting a risk assessment, educating employees and verifying that all cloud-vendors meet guidelines within each region.”
Get a free copy of the research report here: https://www.intralinks.com/redtape
Methodology
In Q3 2015, Ovum was commissioned by Intralinks, a provider of enterprise cloud content collaboration technology, to understand the implications of data privacy regulations on global businesses. A survey was conducted to explore the following questions:
· How are organizations preparing to deal with data sovereignty?
· What will be the impact of new data privacy regulations?
· How will organizations adapt their business to meet new privacy obligations?
· What are the differences of opinion in different countries and in different jurisdictions?
· What technology decisions will support data privacy obligations?
· What are the best practices for adapting to new regulatory regimes?
Ovum’s survey incorporates input from 366 respondents from across the globe, within organizations of different sizes, in various industries. The demographics were chosen deliberately to include a variety of organization types and countries that are being affected by data privacy regulations and data sovereignty obligations.
About Ovum
Ovum is a leading global technology research and advisory firm. Through its 180 analysts worldwide, it offers expert analysis and strategic insight across the IT, telecoms, and media industries. Founded in 1985, Ovum has one of the most experienced analyst teams in the industry and is a respected source of guidance for technology business leaders, CIOs, vendors, service providers, and regulators looking for comprehensive, accurate, and insightful market data, research, and consulting. With 23 offices across six continents, Ovum offers a truly global perspective on technology and media markets and provides thousands of clients with insight including workflow tools, forecasts, surveys, market assessments, technology audits, and opinion. In 2012, Ovum was jointly named Global Analyst Firm of the Year by the IIAR.
Ovum is a division of Informa plc, one of the leading business and academic publishing and event organizers globally, headquartered in London. Informa is quoted on the London Stock Exchange.
About Intralinks
Intralinks Holdings, Inc. (NYSE: IL) is a leading, global technology provider of secure enterprise content collaboration solutions. Through innovative Software-as-a-Service solutions, Intralinks software is designed to enable the exchange and control of information between organizations securely and compliantly when working through the firewall. More than 3.1 million professionals at 99% of the Fortune 1000 companies have depended on Intralinks' experience. With a track record of enabling high-stakes transactions and business collaborations valued at more than $28.1 trillion, Intralinks is a trusted provider of easy-to-use, enterprise strength, cloud-based collaboration solutions. For more information, visit www.intralinks.com.
Read more about:
2015You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024