Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

12/10/2015
11:55 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Intralinks Research: A Global Privacy Rights Movement Poses New Business and Economic Risks

Over 70% of respondents expect to increase spending in order to meet data sovereignty requirements, 30% expect budgets to rise by more than 10% over the next two years

New York, NY & London, UK, December 8, 2015 — Intralinks® Holdings Inc. (NYSE: IL), a global Software-as-a-Service (SaaS) provider of secure enterprise content collaboration technology, today announces research that outlines global data sovereignty concerns in an increasingly cloud-based business environment. The research findings uncover data privacy fears as well as how many businesses are unprepared for new regulations. Only 44% of survey respondents currently monitor user activities and provide alerts to data policy violations, and only 53% classify information to align with access controls.

“New data privacy laws are being enacted across the globe in an effort to better protect citizen data, guard national security interests and boost local economies,” said Ron Hovsepian, CEO of Intralinks. “In this rush to update how personally identifiable information is handled within each region, international business strategies, practices, and processes are being called into question, causing global confusion around data sovereignty.”

To explore the impact of evolving data privacy regulations and data sovereignty, in Q3 2015 Intralinks commission Ovum to conduct an international survey of 366 IT decision-makers.

Key findings include:

· Data privacy regulations are coming directly into conflict with cloud, SaaS, and mobile computing practices within enterprises

Cloud computing is an established part of the enterprise IT landscape, and adoption is expected to continue to increase over the next decade. Information-intensive business processes rely on SaaS, and this, coupled with a shift to mobile computing platforms, means that controlling data location and complying with privacy regulations has become extremely challenging. Nevertheless, over the next three years, 78% of survey respondents plan to use cloud and SaaS-based applications, even for storing and sharing sensitive and regulated data.

· Business leaders are deeply pessimistic about the potential consequences of new data privacy regulations

Our survey shows that organizations are aware of data privacy as an issue, but are struggling with how to respond. When we asked about the pending European Union (EU) General Data Protection Regulation (GDPR), 52% said they think it will result in business fines for their company, and two-thirds expect it to force changes in their European business strategy.

· The cost of regulatory compliance will be substantial, but the cost of non-compliance will be higher.

Over 70% of respondents expect to increase spending in order to meet data sovereignty requirements, and over 30% expect budgets to rise by more than 10% over the next two years. Of those who plan to update data privacy strategies in the next three years, 38% plan to hire subject matter experts, and 27% will hire a chief privacy officer.

· US-based organizations are particularly vulnerable

The Snowden Effect is real. The US is ranked as the least trusted country and the most likely to gain unauthorized access to sensitive information among 20 industrialized economies, with China coming in second and Russia third. New regulations will also put US companies at an even greater disadvantage, with 63% of respondents believing that the proposed EU GDPR will make it harder for US companies to compete, and 70% thinking the new legislation will favor European-based businesses.

· Most organizations aren’t effectively using technology to address data privacy concerns

Alarmingly, many organizations aren’t taking advantage of available technologies that protect sensitive data. Only 44% of survey respondents monitor user activities and provide alerts to data policy violations, and only 53% classify information to align with access controls. Almost half (47%) have no policies or controls that govern access to consumer-grade cloud storage and file-sharing system.

· Global organizations need an orchestrated approach to data sovereignty that covers people, processes, and technology

Business leaders recognize they need to take a balanced approach to address data sovereignty and data privacy. When asked about investment strategies, 55% said they are planning new training for employees, 51% will amend and adapt policies, and 53% will prepare by adopting new technologies.

· Organizations face a patchwork of contradictory and conflicting global privacy regulations, and need technology options to address all eventualities

The data sovereignty revolution threatens to create a Balkanized technology landscape, with different jurisdictions imposing inconsistent and often incompatible mandates for how personally identifiable information is stored, processed, and shared. This is already creating confusion and uncertainty, leaving fundamental questions unanswered, such as how to interpret data location requirements. Organizations need technology options that enable them to react to a rapidly changing regulatory environment.

“Data privacy legislation will increasingly impact internationally-operating enterprises and organizations will need to adapt to emerging business, legal, and consumer requirements, said Alan Rodger, Senior Analyst at Ovum.  “Immediate actions all businesses should consider to ensure compliance include establishing a data sovereignty strategy, conducting a risk assessment, educating employees and verifying that all cloud-vendors meet guidelines within each region.”

 

Get a free copy of the research report here: https://www.intralinks.com/redtape

 

Methodology

In Q3 2015, Ovum was commissioned by Intralinks, a provider of enterprise cloud content collaboration technology, to understand the implications of data privacy regulations on global businesses. A survey was conducted to explore the following questions:

·       How are organizations preparing to deal with data sovereignty?

·       What will be the impact of new data privacy regulations?

·       How will organizations adapt their business to meet new privacy obligations?

·       What are the differences of opinion in different countries and in different jurisdictions?

·       What technology decisions will support data privacy obligations?

·       What are the best practices for adapting to new regulatory regimes?

 

Ovum’s survey incorporates input from 366 respondents from across the globe, within organizations of different sizes, in various industries. The demographics were chosen deliberately to include a variety of organization types and countries that are being affected by data privacy regulations and data sovereignty obligations.

 

About Ovum

Ovum is a leading global technology research and advisory firm. Through its 180 analysts worldwide, it offers expert analysis and strategic insight across the IT, telecoms, and media industries. Founded in 1985, Ovum has one of the most experienced analyst teams in the industry and is a respected source of guidance for technology business leaders, CIOs, vendors, service providers, and regulators looking for comprehensive, accurate, and insightful market data, research, and consulting. With 23 offices across six continents, Ovum offers a truly global perspective on technology and media markets and provides thousands of clients with insight including workflow tools, forecasts, surveys, market assessments, technology audits, and opinion. In 2012, Ovum was jointly named Global Analyst Firm of the Year by the IIAR.

Ovum is a division of Informa plc, one of the leading business and academic publishing and event organizers globally, headquartered in London. Informa is quoted on the London Stock Exchange.

 

About Intralinks
Intralinks Holdings, Inc. (NYSE: IL) is a leading, global technology provider of secure enterprise content collaboration solutions. Through innovative Software-as-a-Service solutions, Intralinks software is designed to enable the exchange and control of information between organizations securely and compliantly when working through the firewall. More than 3.1 million professionals at 99% of the Fortune 1000 companies have depended on Intralinks' experience. With a track record of enabling high-stakes transactions and business collaborations valued at more than $28.1 trillion, Intralinks is a trusted provider of easy-to-use, enterprise strength, cloud-based collaboration solutions. For more information, visit www.intralinks.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Tell him only Kevin Mitnick and the President know the launch codes.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31607
PUBLISHED: 2021-04-23
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function...
CVE-2021-31597
PUBLISHED: 2021-04-23
The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected.
CVE-2021-2296
PUBLISHED: 2021-04-22
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
CVE-2021-2297
PUBLISHED: 2021-04-22
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
CVE-2021-2298
PUBLISHED: 2021-04-22
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...